php-malware-finder
php-malware-finder copied to clipboard
jvoisin
Detect potentially malicious PHP files
The currently-used version of go-yara (V4.2.1) panics when ran with especially long lines. I came across this issue while testing the project in a docker container. issue: https://github.com/hillu/go-yara/issues/101 `docker run...
This MR fixes #118 .Let me know if you have any questions.
Hello, I'm not familiar with python, when I run the whitelist tool here is the error I get .. I changed nothing in whitelist *.yar files .. `python3 ./ci/utils/php-malware-finder/php-malware-finder/utils/generate_whitelist.py "Test"...
* Individuals rules are generated from utils/generate_whitelist.py * Globals whitelists data are generated from https://git.spip.net/spip-contrib-outils/yara-spip Could solve #89
So people don't get a heart-attack "the next day" when their virus scanner does a full disk scan, and reports loads of detections.
Hello Could be nice to add [spip](https://git.spip.net/spip/spip) (or gihub [mirror](https://github.com/spip/spip) support. I've a PR but maybe some question to be correct. I use generate_whitelist script to generate and have some...
I wonder if there's a better way of doing this.
Currently, our [main script's code]( https://github.com/nbs-system/php-malware-finder/blob/master/php-malware-finder/phpmalwarefinder ) looks quite ugly. It would be nice if someone with some shell-fu could take a look at it, and clean it up.
Currently, we're not detecting a lot of @wireghoul's [htaceess-based webshells]( https://github.com/wireghoul/htshells ). It would be nice to improve the situation :)