Skip to content

Evomalware is a simple BASH script do detect malwares/virus/backdoor/... especially for PHP files.

Notifications You must be signed in to change notification settings

evoforge/evomalware

Repository files navigation

Description

EvoMalware is a BASH script which permits to identify files (PHP only ATM) infected by malwares/virus/backdoor.
The main goal is to be used in a cron job to generate reports, but it can be used in "one shot" mode.

The script uses 3 flat text files as databases:

  • evomalware.filenames, known filenames.
  • evomalware.patterns, known patterns.
  • evomalware.whitelist, files to ignore.

There is also an "aggresive" mode which permits to find suspect files using evomalware.suspect DB.
At each run, the script downloads the last databases.

Configuration/Tuning

TODO

Upstream

Upstream is at https://forge.evolix.org/projects/evomalware
GitHub is a mirror.

Interesting others projects

About

Evomalware is a simple BASH script do detect malwares/virus/backdoor/... especially for PHP files.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published