evolix
/
evomalware
16
1
Fork 0
Code Issues 10 Pull Requests Releases Wiki Activity
EvoMalware, shell script to detect infected websites.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
71 Commits
1 Branch
0 Tags
183 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Benoît S. c66aae5f38
Add a new pattern 		1 year ago
LICENSE Project is now GPLv3 3 years ago
Makefile Added suspect files. 7 years ago
README.md Project is now GPLv3 3 years ago
evomalware.filenames Add a new file to known malware 3 years ago
evomalware.filenames.md5 Add a new file to known malware 3 years ago
evomalware.patterns Add a new pattern 1 year ago
evomalware.patterns.md5 Add a new pattern 1 year ago
evomalware.sh Adding support for .js files 3 years ago
evomalware.suspect Added suspect files. 7 years ago
evomalware.suspect.md5 Added suspect files. 7 years ago
evomalware.whitelist Add some directories in whitelist 2 years ago
evomalware.whitelist.md5 Mise à jour md5 2 years ago

README.md

Description

EvoMalware is a bash(1) script that can detect various malware, viruses and backdoors in PHP and Javascript source code. It is meant to be used in a cron(8) job to generate reports, but can also be used interactively.

The script uses 3 flat text files as databases:

  • evomalware.filenames, known filenames.
  • evomalware.patterns, known patterns.
  • evomalware.whitelist, files to ignore.

A fourth database named evomalware.suspect is used in "aggressive" mode to detect suspicious files

At each run, EvoMalware will download the latest databases.

Configuration/Tuning

TODO

Upstream

Upstream is at https://gitea.evolix.org/evolix/evomalware
GitHub is a mirror.

Other projects of interest