Description
===========

EvoMalware is a BASH script which permits to identify files (PHP only ATM)
infected by malwares/virus/backdoor.  
The main goal is to be used in a cron job to generate reports, but it can be
used in "one shot" mode.  

The script uses 3 flat text files as databases:

* evomalware.filenames, known filenames.
* evomalware.patterns, known patterns.
* evomalware.whitelist, files to ignore.

There is also an "aggressive" mode which permits to find suspect files using
evomalware.suspect DB.  
At each run, the script downloads the last databases.

Configuration/Tuning
====================

TODO

Upstream
========

Upstream is at https://forge.evolix.org/projects/evomalware  
GitHub is a mirror.

Interesting others projects
===========================

* WPScan, http://wpscan.org/
* Plecost, https://github.com/iniqua/plecost
* Linux Malware Detect (with ClamAV), https://www.rfxn.com/projects/linux-malware-detect/