EvoMalware, shell script to detect infected websites.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Benoît S. 3e693fc601 Merge branch 'license-readme-conformity' of evolix/evomalware into master il y a 3 semaines
LICENSE Project is now GPLv3 il y a 1 mois
Makefile Added suspect files. il y a 4 ans
README.md Project is now GPLv3 il y a 1 mois
evomalware.filenames Added a SPAM mailer. il y a 3 ans
evomalware.filenames.md5 Added a SPAM mailer. il y a 3 ans
evomalware.patterns Add patterns il y a 1 mois
evomalware.patterns.md5 Add patterns il y a 1 mois
evomalware.sh Adding support for .js files il y a 3 mois
evomalware.suspect Added suspect files. il y a 4 ans
evomalware.suspect.md5 Added suspect files. il y a 4 ans
evomalware.whitelist Add rules to the whitelist il y a 2 mois
evomalware.whitelist.md5 Add rules to the whitelist il y a 2 mois

README.md

Description

EvoMalware is a bash(1) script that can detect various malware, viruses and backdoors in PHP and Javascript source code. It is meant to be used in a cron(8) job to generate reports, but can also be used interactively.

The script uses 3 flat text files as databases:

  • evomalware.filenames, known filenames.
  • evomalware.patterns, known patterns.
  • evomalware.whitelist, files to ignore.

A fourth database named evomalware.suspect is used in “aggressive” mode to detect suspicious files

At each run, EvoMalware will download the latest databases.

Configuration/Tuning

TODO

Upstream

Upstream is at https://gitea.evolix.org/evolix/evomalware
GitHub is a mirror.

Other projects of interest