diff options
| author | xarkes | 2016-04-11 11:22:01 +0200 |
|---|---|---|
| committer | Julien (jvoisin) Voisin | 2016-04-11 17:09:34 +0200 |
| commit | 3854653c8686cf9ff9bbab13f09d1566682efb5e (patch) | |
| tree | 4615cb15e9c81428068ae3a3f13faf10cc426e0d /README.md | |
| parent | b1f5377f011ff1eeab9bec96261667ed566c6fbe (diff) | |
Fixed debian package + readme
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 5 |
1 files changed, 3 insertions, 2 deletions
| @@ -47,7 +47,7 @@ both) category, and should re-read the previous sentence. | |||
| 47 | ## How does it work? | 47 | ## How does it work? |
| 48 | 48 | ||
| 49 | Detection is performed by crawling the filesystem and testing files against a | 49 | Detection is performed by crawling the filesystem and testing files against a |
| 50 | [set]( https://github.com/nbs-system/php-malware-finder/blob/master/malwares.yara ) | 50 | [set]( https://github.com/nbs-system/php-malware-finder/blob/master/php.yara ) |
| 51 | of [YARA](https://plusvic.github.io/yara/) rules. Yes, it's that simple! | 51 | of [YARA](https://plusvic.github.io/yara/) rules. Yes, it's that simple! |
| 52 | 52 | ||
| 53 | 53 | ||
| @@ -67,7 +67,8 @@ Usage phpmalwarefinder [-cfhtv] [-l (php|asp)] <file|folder> ... | |||
| 67 | Or if you prefer to use `yara`: | 67 | Or if you prefer to use `yara`: |
| 68 | 68 | ||
| 69 | ``` | 69 | ``` |
| 70 | $ yara -r ./malwares.yara /var/www | 70 | $ yara -r ./php.yara /var/www |
| 71 | $ yara -r ./asp.yara /var/www | ||
| 71 | ``` | 72 | ``` |
| 72 | 73 | ||
| 73 | Please keep in mind that you should use at least YARA 3.4 because we're using | 74 | Please keep in mind that you should use at least YARA 3.4 because we're using |