| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-01-04 | Add a whitelist for wordpress 4.4 | jvoisin | |
| 2016-01-04 | Perf optimization and rules completion | jvoisin | |
| 2016-01-04 | Simplify a bit some rules | jvoisin | |
| - Remove `b64_concat` since it was close to useless - Make `too_many_chr` non-greddy Those changes will make our malwares.yara rules yara-git friendly. | |||
| 2015-12-11 | cleaning rule updated | Julien "shaddai" Reveret | |
| 2015-12-03 | files with no end of line or less than 3 lines and huge (more than 300) ↵ | Julien "shaddai" Reveret | |
| amonts of characters are detected as suspicious | |||
| 2015-12-03 | added double base64 encoding detection | Julien "shaddai" Reveret | |
| 2015-11-26 | added tennc repo to the list | shaddai | |
| 2015-11-26 | new rules | shaddai | |
| some samples from this repo weren't detected : https://github.com/tennc/webshell Fixes #3 | |||
| 2015-11-06 | added signature for base64 concatenation | Julien "shaddai" Reveret | |
| 2015-11-02 | packaging inside a squeeze chroot modifies the malwares.yara file, adding a ↵ | Julien "shaddai" Reveret | |
| git checkout to make sure it is restored before packaging starts | |||
| 2015-10-29 | indent with spaces | Mathieu Deous | |
| 2015-10-29 | Merge branch 'master' of gitlab.nbs-system.com:packages/php-malware-finder | Mathieu Deous | |
| Conflicts: php-malware-finder/bin/yara | |||
| 2015-10-29 | reverting change since it triggers too many false positives | Julien "shaddai" Reveret | |
| 2015-10-29 | signatures: eval can be prefixed by an open square bracket | Mathieu Deous | |
| 2015-10-29 | tested php-malware-finder against many webshells, completed the signature lists | Julien "shaddai" Reveret | |
| 2015-10-29 | added whitelist to package | Julien "shaddai" Reveret | |
| 2015-10-29 | builddir changed, modifying install files accordingly | Julien "shaddai" Reveret | |
| 2015-10-29 | control file modification | Julien "shaddai" Reveret | |
| 2015-10-29 | Makefile changed : no more git clone, new build dir | Julien "shaddai" Reveret | |
| 2015-10-29 | reorganized git repo | Julien "shaddai" Reveret | |
| 2015-10-29 | Add some more rules | jvoisin | |
| 2015-10-29 | Add some more dodgy functions | jvoisin | |
| 2015-10-29 | Add `pack` to the list | jvoisin | |
| 2015-10-19 | reverting change since it triggers too many false positives | Julien "shaddai" Reveret | |
| 2015-10-15 | Merge pull request #12 from jvoisin/patch-1 | blotus | |
| Fix #11 | |||
| 2015-10-15 | Fix #11 | jvoisin | |
| This is a bit hackish, but I can't manage to find a more elegant way to do it. | |||
| 2015-10-14 | signatures: eval can be prefixed by an open square bracket | Mathieu Deous | |
| 2015-10-09 | tested php-malware-finder against many webshells, completed the signature lists | Julien "shaddai" Reveret | |
| 2015-10-09 | added whitelist to package | Julien "shaddai" Reveret | |
| 2015-10-09 | builddir changed, modifying install files accordingly | Julien "shaddai" Reveret | |
| 2015-10-09 | control file modification | Julien "shaddai" Reveret | |
| 2015-10-08 | Makefile changed : no more git clone, new build dir | Julien "shaddai" Reveret | |
| 2015-10-08 | reorganized git repo | Julien "shaddai" Reveret | |
| 2015-09-08 | Merge pull request #9 from gdelpierre/master | blotus | |
| fix shebang typo | |||
| 2015-09-08 | fix shebang typo | Guillaume Delpierre | |
| 2015-09-08 | Merge pull request #8 from gdelpierre/master | blotus | |
| Add shebang | |||
| 2015-09-08 | Add shebang | Guillaume Delpierre | |
| 2015-09-08 | remove empty line | Guillaume Delpierre | |
| 2015-09-08 | Remove glob library, not used | Guillaume Delpierre | |
| 2015-09-08 | Add shebang | Guillaume Delpierre | |
| 2015-09-08 | Merge pull request #7 from gdelpierre/master | blotus | |
| Use bash built-in and use portability shebang | |||
| 2015-09-08 | Use type built-in instead of command | Guillaume Delpierre | |
| 2015-09-08 | Typo | Guillaume Delpierre | |
| 2015-09-08 | Use bash builtin | Guillaume Delpierre | |
| 2015-09-08 | Portability | Guillaume Delpierre | |
| 2015-08-29 | Merge pull request #5 from ahpnils/master | Mathieu D. | |
| Update the whitelist for Dotclear 2.8.0 | |||
| 2015-08-28 | Add whitelist for Dotclear 2.8.0 | ahpnils | |
| 2015-08-28 | try to manually sync with upstream | ahpnils | |
| 2015-08-28 | Merge remote-tracking branch 'upstream/master' | ahpnils | |
| 2015-07-29 | Add some more rules | jvoisin | |
 |
index : php-malware-finder | |
| Detect potentially malicious PHP files |
| summaryrefslogtreecommitdiff |