Vous ne pouvez pas sélectionner plus de 25 sujets
Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Benoît S.
37d95a4529
Add a new file to known malware
|
il y a 1 mois | |
|---|---|---|
| LICENSE | il y a 2 mois | |
| Makefile | il y a 4 ans | |
| README.md | il y a 2 mois | |
| evomalware.filenames | il y a 1 mois | |
| evomalware.filenames.md5 | il y a 1 mois | |
| evomalware.patterns | il y a 3 mois | |
| evomalware.patterns.md5 | il y a 3 mois | |
| evomalware.sh | il y a 5 mois | |
| evomalware.suspect | il y a 4 ans | |
| evomalware.suspect.md5 | il y a 4 ans | |
| evomalware.whitelist | il y a 4 mois | |
| evomalware.whitelist.md5 | il y a 4 mois |
README.md
README.md
Description
EvoMalware is a bash(1) script that can detect various malware, viruses and backdoors in PHP and Javascript source code. It is meant to be used in a cron(8) job to generate reports, but can also be used interactively.
The script uses 3 flat text files as databases:
- evomalware.filenames, known filenames.
- evomalware.patterns, known patterns.
- evomalware.whitelist, files to ignore.
A fourth database named evomalware.suspect is used in “aggressive” mode to detect suspicious files
At each run, EvoMalware will download the latest databases.
Configuration/Tuning
TODO
Upstream
Upstream is at https://gitea.evolix.org/evolix/evomalware
GitHub is a mirror.
Other projects of interest
- WPScan, http://wpscan.org/
- Plecost, https://github.com/iniqua/plecost
- Linux Malware Detect (with ClamAV), https://www.rfxn.com/projects/linux-malware-detect/