evomalware/README.md
2015-06-29 18:21:27 +02:00

Description

EvoMalware is a Bash script that identifies files (PHP only at the moment) infected by malware, viruses or backdoors. It is mainly intended to run from a cron job and generate reports, but it can also be used in "one shot" mode.

The script uses 3 flat text files as databases:

evomalware.filenames: known filenames;
evomalware.patterns: known patterns;
evomalware.whitelist: files to ignore.

There is also an "aggressive" mode, which finds suspect files using the evomalware.suspect database. At each run, the script downloads the latest databases.
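
How a scan driven by the three databases above can work, as an added sketch that is not EvoMalware's own code. The one-entry-per-line format, fixed-string patterns, full-path whitelist entries and the scan_tree and make_sample names are assumptions; the sample tree and marker string are constructed.

```bash
# Added illustration, NOT EvoMalware's code. Assumed DB format (not documented
# on this page): one entry per line; patterns are fixed strings; the whitelist
# holds full paths exactly as find prints them.

# scan_tree ROOT DBDIR: print "reason<TAB>path" for every flagged PHP file.
scan_tree() (
    root=$1 db=$2
    pats=$(mktemp) || exit 1
    # An empty line in a grep -f file matches everything, so drop blank lines.
    grep -v '^[[:space:]]*$' "$db/evomalware.patterns" > "$pats" || true
    # Line-based read: paths containing a newline are not handled here.
    find "$root" -type f -name '*.php' | while IFS= read -r f; do
        # Whitelist: exact whole-line path match, file is skipped entirely.
        grep -qxF -- "$f" "$db/evomalware.whitelist" && continue
        if grep -qxF -- "$(basename "$f")" "$db/evomalware.filenames"; then
            printf 'filename\t%s\n' "$f"      # basename is a known bad name
        elif grep -qF -f "$pats" -- "$f"; then
            printf 'pattern\t%s\n' "$f"       # content holds a known string
        fi
    done
    rm -f "$pats"
)

# make_sample DIR: constructed test tree and databases (all values made up).
make_sample() {
    mkdir -p "$1/www/lib" "$1/db"
    printf '<?php echo "hello";\n'            > "$1/www/index.php"
    printf '<?php /* constructed marker */\n' > "$1/www/x1.php"
    printf '<?php EXAMPLE_BAD_MARKER();\n'    > "$1/www/lib/cache.php"
    printf '<?php EXAMPLE_BAD_MARKER();\n'    > "$1/www/lib/vendor.php"
    printf 'x1.php\n'                         > "$1/db/evomalware.filenames"
    printf 'EXAMPLE_BAD_MARKER\n\n'           > "$1/db/evomalware.patterns"
    printf '%s\n' "$1/www/lib/vendor.php"     > "$1/db/evomalware.whitelist"
}
```

Run make_sample on an empty directory and then scan_tree DIR/www DIR/db: x1.php is reported by filename, lib/cache.php by pattern, lib/vendor.php is skipped by the whitelist, and the blank line in the sample pattern file does not cause index.php to be flagged.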

Configuration/Tuning

TODO

Upstream

Upstream is at https://forge.evolix.org/projects/evomalware. GitHub is a mirror.

Other interesting projects