Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      itsMe

      PHP malware scanner v1.0.6 - Scans PHP files for malwares and known threats

      Recommended Posts

      Staff

      Hidden Content

        Give reaction to this post to see the hidden content.

      PHP malware scanner

      Traversing directories for files with php extensions and testing files against text or regexp rules, the rules-based on self-gathered samples and publicly available malwares/webshells. The goal is to find infected files and fight against kiddies, because too easy to bypass rules.

      Changelog v1.0.6

          Allowing multiple use of -d option and braces in path syntax, closes #56

      Hidden Content

        Give reaction to this post to see the hidden content.

      Share this post


      Link to post
      Share on other sites

      Join the conversation

      You can post now and register later. If you have an account, sign in now to post with your account.
      Note: Your post will require moderator approval before it will be visible.

      Guest
      Reply to this topic...

      ×   Pasted as rich text.   Paste as plain text instead

      ×   Your link has been automatically embedded.   Display as a link instead

      Sign in to follow this  

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. IObit Malware Fighter 8 PRO
          La protección completa en tiempo real de tu PC, para tus datos personales y navegación en línea
              El motor Anti-virus de Bitdefender
              Evita que más de 200 millones de amenazas de seguridad infecten y dañen tu computadora.
              Protección Inteligente
              Utiliza detección avanzada del comportamiento e inteligencia artificial para detectar actividades maliciosas de cualquier programa para prevenir que los ciber-criminales obtengan control de tu ordenador.
              Defensa de Ransomware Reforzada
              Combina el motor exclusive anti-ransomware de IObit con la protección por contraseña de la Caja Fuerte para garantizar que todos tus archivos importantes estén seguros de ataques y accesos no autorizados.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. PwnFox
          PwnFox is a Firefox/Burp extension that provides usefull tools for your security audit.
          If you are a chrome user you can check https://github.com/nccgroup/autochrome.
          Single click BurpProxy
          Connect to Burp with a simple click, this will probably remove the need for other add-ons like foxyProxy. However, if you need the extra features provided by foxyProxy you can leave this unchecked.
          Containers Profiles
          PwnFox gives you fast access to Firefox containers. This allows you to have multiple identities in the same browser. When PwnFox and the Add container header option are enabled, PwnFox will automatically add an X-PwnFox-Color header to highlight the query in Burp.
          PwnFoxBurp will automatically highlight and strip the header, but you can also specify your own behavior with addons like logger++.
          Security header remover
          Sometimes it’s easier to work with the security header disabled. You can now do it with a single button press. Don’t forget to reenable them before testing your final payload.
          Headers stripped:
              Content-Security-Policy
              X-XSS-Protection
              X-Frame-Options
              X-Content-Type-Options


          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. AutoDirbuster
          Automatically run and save Dirbuster scans for multiple IPs
          Why?
          OWASP Dirbuster is a great directory buster but running it against multiple IPs and ports is a very manual process with a lot of downtime between scans. This script attempts to automate that process and eliminates downtime between scans.
          What is the recommended usage?
          If attacking multiple targets:
              Run Nmap and find open ports, outputting the results with -oG or -oA
              Run AutoDirbuster with the Nmap results and a timeout (closed ports or non-HTTP based services are ignored)
                  python AutoDirbuster.py -g Nmap_results.gnmap -to 15
              As the pentest progresses, periodically review the Dirbust results using dirbust_read.py, which will ignore all Dirbuster error lines and only print the found directories and files
          If attacking a single target:
              python AutoDirbuster.py -st example.com:80
          What data does this need?
          The script can take three data sources:
              List of IP:port or hostname:port, one per line
              python AutoDirbuster.py ip_port_list.txt
              An Nmap Gnmap result file
              python AutoDirbuster.py -g Nmap_results.gnmap
              A single target
              python AutoDirbuster.py -st example.com:80
          How does this script work?
              A list of targets is provided
              A TCP connect scan is done on the target port to test if it’s open
              If it’s open, HTTP and HTTPS requests are sent to determine if the service is HTTP-based and whether it requires SSL
              If the service is HTTP, a check is done to determine if a previous report file is in the same directory. Report files follow the format: DirBuster-Report-IP-port.txt
              Dirbuster is run using Python’s subprocess.Popen(). If a timeout is specified, then after the timeout period, a SIGINT signal is sent to Dirbuster so it can safely shut down and write results to disk. A note is added to the report indicating that the scan timed out.
              The next IP:port goes through the same process (TCP connect, HTTP service query, dirbust)
          This script isn’t working
          Ensure the following
              Are all of the dependencies listed in requirements.txt installed?
              Is there a directory called “DirBuster” inside the same directory as AutoDirbuster.py?
              Does this “DirBuster” directory contain the Dirbuster JAR file named “DirBuster.jar”?
              Is “DirBuster.jar” version 0.12?
              Does this “DirBuster” directory contain a file called “directory-list-2.3-small.txt” (the default wordlist)?
              Does this “DirBuster” directory contain a subdirectory called “lib” with the default 13 required Dirbuster JAR dependencies?
              Is Java installed?
              Is Java in your path?
              Run AutoDirbuster with the –debug flag to view the subprocess command that AutoDirbuster is using to launch Dirbuster. Run this command from the terminal to view standard error as AutoDirbuster is configured to send subprocess standard error to /dev/null


          Hidden Content
          Give reaction to this post to see the hidden content.