EvoMalware, shell script to detect infected websites.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

944 B


EvoMalware is a BASH script which permits to identify files (PHP only ATM) infected by malwares/virus/backdoor.
The main goal is to be used in a cron job to generate reports, but it can be used in "one shot" mode.

The script uses 3 flat text files as databases:

  • evomalware.filenames, known filenames.
  • evomalware.patterns, known patterns.
  • evomalware.whitelist, files to ignore.

There is also an "aggressive" mode which permits to find suspect files using evomalware.suspect DB.
At each run, the script downloads the last databases.




Upstream is at https://forge.evolix.org/projects/evomalware
GitHub is a mirror.

Interesting others projects