EvoMalware, shell script to detect infected websites.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Benoît S. 37d95a4529 Add a new file to known malware il y a 1 mois
LICENSE Project is now GPLv3 il y a 2 mois
Makefile Added suspect files. il y a 4 ans
README.md Project is now GPLv3 il y a 2 mois
evomalware.filenames Add a new file to known malware il y a 1 mois
evomalware.filenames.md5 Add a new file to known malware il y a 1 mois
evomalware.patterns Add patterns il y a 3 mois
evomalware.patterns.md5 Add patterns il y a 3 mois
evomalware.sh Adding support for .js files il y a 5 mois
evomalware.suspect Added suspect files. il y a 4 ans
evomalware.suspect.md5 Added suspect files. il y a 4 ans
evomalware.whitelist Add rules to the whitelist il y a 4 mois
evomalware.whitelist.md5 Add rules to the whitelist il y a 4 mois

README.md

Description

EvoMalware is a bash(1) script that can detect various malware, viruses and backdoors in PHP and Javascript source code. It is meant to be used in a cron(8) job to generate reports, but can also be used interactively.

The script uses 3 flat text files as databases:

  • evomalware.filenames, known filenames.
  • evomalware.patterns, known patterns.
  • evomalware.whitelist, files to ignore.

A fourth database named evomalware.suspect is used in “aggressive” mode to detect suspicious files

At each run, EvoMalware will download the latest databases.

Configuration/Tuning

TODO

Upstream

Upstream is at https://gitea.evolix.org/evolix/evomalware
GitHub is a mirror.

Other projects of interest