Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      itsMe

      PHP Antimalware Scanner v0.8.0.234 - php antimalware/antivirus scanner console script

      Recommended Posts

      Staff

      Hidden Content

        Give reaction to this post to see the hidden content.

      AMWSCAN – PHP Antimalware Scanner

      PHP Antimalware Scanner, written in php, can scan PHP files and analyze your project to find malicious code inside it. It provides a text terminal console interface to scan files in a given directory and find PHP code files the seem to contain malicious code. The package can also scan the PHP files without outputting anything to the terminal console. In that case, the results are stored in a log file. This scanner can work on your own php projects and on a lot of other platforms. Use this command php -d disable_functions for running the program without issues.

      Changelog v0.8.0.234

          New dangerous functions definitions
          New random figlets on header
          Improve dangerous functions and encoded functions detections with less false positivity
          Improve code deobfuscation
          Improved line code detection
          Now report output is enabled by default
          Code refactoring

      Hidden Content

        Give reaction to this post to see the hidden content.

      Share this post


      Link to post
      Share on other sites

      Join the conversation

      You can post now and register later. If you have an account, sign in now to post with your account.
      Note: Your post will require moderator approval before it will be visible.

      Guest
      Reply to this topic...

      ×   Pasted as rich text.   Paste as plain text instead

      ×   Your link has been automatically embedded.   Display as a link instead

      Sign in to follow this  

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content. What can i do with this?
          with this software, you will be able to search your dorks in supported search engines and scan grabbed urls to find their vulnerabilities. in addition , you will be able to generate dorks, scan urls and saerch dorks separately when ever you want
          Supported search engines
              Google
              Yahoo
              Bing
          Supported vulnerabilities
              SQL Injection
              XSS
              LFI
          Whats new in version 2 (most important updates)?
          adding custom payloads
          you can edit payloads.json file which will be created when you open and close software once, and add payloads as much as you want , easier than drinking water
          adding custom error checks
          once a payload injected in url, software will looks for errors in new website source, you can also customize those errors too. what you have to do is easily edit payloadserror.json file which will be created when you open and close software once. you can also use regexes as error , with REIT|your regex here format
          multy vulnerability check
          in old version, you were not able to choose more than 1 vulnerabilites to check, but in v2, you can do this easily.
          multy search engine grabber
          in old version, you were not able to choose more than 1 saerchengines to saerch in, but in v2, you can do this easily.
          memory management
          we`ve added memory management to avoid lack of memory in your system
          dork generator
          you can generate dorks and save them very fast with your custom configurations and keywords. valid configuration format should contain {DORK} that will be replaced with each keyword in dork generation process
          updates list (all)
              new threading system based on microsoft task
              using linq technology
              dork generator part
              ability to add regexes as payloads error
              low usage
              moving from WPF to Windows form (just because my designes are bad, contact me if you can do better)
              ability to use scanner-graber separately and simultaneously
              and ....

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. This is a modern platform for sharing media content, an analogue of social networks such as twitter, instagram.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Summary
          This is a simple script intended to perform a full recon on an objective with multiple subdomains
          Features
              Tools checker
              Google Dorks (based on deggogle_hunter)
              Subdomain enumeration (passive, resolution, bruteforce and permutations)
              Sub TKO (subjack and nuclei)
              Web Prober (httpx)
              Web screenshot (aquatone)
              Template scanner (nuclei)
              Port Scanner (naabu)
              Url extraction (waybackurls, gau, hakrawler, github-endpoints)
              Pattern Search (gf and gf-patterns)
              Param discovery (paramspider and arjun)
              XSS (Gxss and dalfox)
              Open redirect (Openredirex)
              SSRF checks (from m4ll0k/Bug-Bounty-Toolz/SSRF.py)
              Github Check (git-hound)
              Favicon Real IP (fav-up)
              JS Checks (LinkFinder, SecretFinder, scripts from JSFScan)
              Fuzzing (ffuf)
              Cors (Corsy)
              SSL Check (testssl)
              Interlace integration
              Custom output folder (default under Recon/target.com/)
              Run standalone steps (subdomains, subtko, web, gdorks...)
              Polished installer compatible with most distros
              Verbose mode
              Update tools script


          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. It recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.
          WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the tradeoff between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website but when it does not, WhatWeb can interrogate the website further. The default level of aggression, called ‘stealthy’, is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for use in penetration tests.
          Most WhatWeb plugins are thorough and recognize a range of cues from subtle to obvious. For example, most WordPress websites can be identified by the meta HTML tag, e.g. ‘<meta name=”generator” content=”WordPress 2.6.5″>’, but a minority of WordPress websites remove this identifying tag but this does not thwart WhatWeb. The WordPress WhatWeb plugin has over 15 tests, which include checking the favicon, default installation files, login pages, and checking for “/wp-content/” within relative links.
          Features:
              Over 1800 plugins
              Control the trade-off between speed/stealth and reliability
              Performance Tuning. Control how many websites to scan concurrently.
              Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB, ElasticSearch, SQL.
              Proxy support including TOR
              Custom HTTP headers
              Basic HTTP authentication
              Control over webpage redirection
              IP address ranges
              Fuzzy matching
              Result certainty awareness
              Custom plugins defined on the command line
              IDN (International Domain Name) support
          Changelog v.0.5.5
              FIXES
                  #358 Fixed escape_for_sql method (@juananpe)
              NEW PLUGINS
                  Apache Flink (@juananpe)
                  Dell-OpenManage-Switch-Administrator (@themaxdavitt)
                  FLIR AX8 (@urbanadventurer)
                  Huginn (@urbanadventurer)
                  OpenResty (@urbanadventurer)
                  Telerik UI (@definity)
                  Umbraco (@definity / @ChadBrigance
                  VMware Horizon (@themaxdavitt)
              PLUGIN UPDATES
                  Joomla (@juananpe)
                  phpMyAdmin (@juananpe)
                  Microsoft IIS (@themaxdavitt)

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Start your own website like OnlyFans.com or Patreon.com and grow like mad. It’s like a social network but allows content creators to directly earn MONEY from their FANS for their PREMIUM content.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.