Updated README.
This commit is contained in:
parent
c2eabbd343
commit
16d7ec928a
17
README.md
17
README.md
|
@ -1,16 +1,19 @@
|
||||||
Description
|
Description
|
||||||
===========
|
===========
|
||||||
|
|
||||||
EvoMalware is a BASH script which permits to identify files (PHP only ATM) infected by malwares/virus/backdoor.
|
EvoMalware is a BASH script which permits to identify files (PHP only ATM)
|
||||||
The main goal is to be used in a cron job to generate reports, but it can be used in "one shot" mode.
|
infected by malwares/virus/backdoor.
|
||||||
|
The main goal is to be used in a cron job to generate reports, but it can be
|
||||||
|
used in "one shot" mode.
|
||||||
|
|
||||||
The script uses 3 flat text files as databases:
|
The script uses 3 flat text files as databases:
|
||||||
|
|
||||||
evomalware.filenames, known filenames ;
|
* evomalware.filenames, known filenames.
|
||||||
evomalware.patterns, known patterns ;
|
* evomalware.patterns, known patterns.
|
||||||
evomalware.whitelist, files to ignore.
|
* evomalware.whitelist, files to ignore.
|
||||||
|
|
||||||
There is also an "aggresive" mode which permits to find suspect files using evomalware.suspect DB.
|
There is also an "aggresive" mode which permits to find suspect files using
|
||||||
|
evomalware.suspect DB.
|
||||||
At each run, the script downloads the last databases.
|
At each run, the script downloads the last databases.
|
||||||
|
|
||||||
Configuration/Tuning
|
Configuration/Tuning
|
||||||
|
@ -21,7 +24,7 @@ TODO
|
||||||
Upstream
|
Upstream
|
||||||
========
|
========
|
||||||
|
|
||||||
Upstream is at https://forge.evolix.org/projects/evomalware
|
Upstream is at https://forge.evolix.org/projects/evomalware
|
||||||
GitHub is a mirror.
|
GitHub is a mirror.
|
||||||
|
|
||||||
Interesting others projects
|
Interesting others projects
|
||||||
|
|
Loading…
Reference in a new issue