php-malware-finder icon indicating copy to clipboard operation
php-malware-finder copied to clipboard

Published 20 hours ago verified publisher icon jvoisin

Option to exclude images/specific filetypes

Open Kramerican opened this issue 7 years ago • 2 comments

It would be helpful if it were possible to exclude certain filetypes from the malware scan. I am seeing a lot of false positives generated by uploaded image files in a Wordpress install, for example.

Kramerican avatar Dec 17 '17 16:12 Kramerican

You can do this by combining find with yara :)

Do you think that this deserves a dedicated flag/option in PMF?

jvoisin avatar Dec 18 '17 09:12 jvoisin

Hey :)

Yes, well, if it's that easy it would be pretty neat to have it baked in. But thanks for the tip - that makes sense, and opens up possibilities I hadn't thought about before actually! (Like, what I often see is that I can narrow the search by looking at modified time of a known hacked file - so here I could do a very focused search using find + yara, for example)

Kramerican avatar Dec 18 '17 09:12 Kramerican