-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A question about malware signatures contribution #23
Comments
Hi @milosdjakonovic, sure, we accept the contribution for malware signatures. In this case it should be an Exploit (here: https://github.com/marcocesarato/PHP-Antimalware-Scanner/blob/master/src/Exploits.php) with In this case there are some variables like the |
Thanks... Now I see the difference. So, Consider adding mini howto for this subject in README. |
Hi @milosdjakonovic , I create a small documentation website of the program (a lot of these informations are on Here explained in short the differences between definitions: https://marcocesarato.github.io/PHP-Antimalware-Scanner/ |
Awesome. Malware samples are on the way... |
Hi.
Do you accept malware signatures contribution?
If yes, how is that done: are the
src/Signatures.php
Signatures::$raw
andSignatures::$regex
what we could update?Do you enforce limits regarding regex / raw rule length or complexity?
Last but not least, how do I as a contributor prove that the code is malware? Example, a few lines of readable and nicely formatted code (no eval|gunzip|base64_decode crap):
most certainly this does not have to be malware per se, but if I add info that this file suddenly occurred as dodgy WP plugin ("WP plugin"), than it's a different call.
The text was updated successfully, but these errors were encountered: