php-malware-finder - Detect potentially malicious PHP files

Age	Commit message (Collapse)	Author
2021-11-02	run apt-get with sudomigrate-ci	Mathieu Deous

2021-11-02	try to migrate to github actions	Mathieu Deous

2021-08-12	Specify the encoding in generate_whitelist.py	jvoisin

2020-10-01	Reorder the list of things we detect	jvoisin

2020-10-01	Add a keyword for a rule	jvoisin

2020-07-01	Fix a yara warning	jvoisin
	This shouldn't impact detection much, while fixing a scary warning
2020-05-26	Add a safeguard against corrupted rules	jvoisin

2020-04-03	Fix php-malware-finder for yara > 4.0.0	jvoisin

2020-02-11	Fix some links in the readme	jvoisin

2020-02-08	Change the path of the travis-ci badge	jvoisin

2019-10-24	Add doc on how to compile yara	jvoisin
	Prompted by jdnrg@
2019-10-22	Remove a duplicate keyword in php.yar	shaddai
	This should fix issue #94
2019-08-01	Prevent any warningerror about rules too complex	Km
	* Rules are considered reliable * We can generate final yara file with quiet This should close #88
2019-07-03	Fix some typos in the README	Scott C Wilson

2018-09-04	Point to the stable version of yara in the documentation	jvoisin

2018-09-04	Installation documentation (#78)	rotemreiss

2018-07-17	Automatic generation of Magento (1 and 2) whitelists	Jeroen Vermeulen

2018-07-16	Updated mass_whitelist to output progress to STDERR (#75)	Jeroen Vermeulen
	Only the generated rules are printed to STDOUT Now you can do: ``` ./mass_whitelist.py [NAME] [URL_PATTERN] [MAJOR] [MINOR] [PATCH] > ../whitelists/name.yar ```
2018-07-14	Improved scripts to be callable from another directory. (#73)	Jeroen Vermeulen
	Improved scripts to be callable from another directory instead of only from their own working dir.
2018-06-26	Detect things like '@include'	jvoisin
	This should close #71
2018-05-30	update symfony whitelist	MatToufoutu

2018-05-30	update phpmyadmin whitelist	MatToufoutu

2018-05-30	whitelists tags	MatToufoutu

2018-05-30	improve mass_whitelist.py output	MatToufoutu

2018-05-30	update drupal whitelists	MatToufoutu

2018-05-30	update wordpress whitelists	MatToufoutu

2018-05-29	Add detection for Nano	jvoisin
	[Nano]( https://github.com/UltimateHackers/nano ) is a family of PHP webshells which are code golfed to be extremely stealthy and efficient.
2018-04-26	Fix a missing link	jvoisin

2018-02-21	Add a detection for things like `eval/* …*/(`	jvoisin

2018-02-21	Update a bit the README	jvoisin

2018-02-21	Add a CONTRIBUTING.md	jvoisin

2018-02-21	Improve our non-default configuration file path handling	jvoisin

2018-02-21	Some regexps are now matching on word boundaries	jvoisin
	This should close #51
2018-02-21	Fix the debian packaging	jvoisin

2018-02-21	Remove a leftover file from the previous commit/great purge	jvoisin

2018-02-21	Major cleanup of useless files	jvoisin

2018-02-21	Remove a useless file	jvoisin
	This should close #64
2017-12-18	Improve a bit the wording of the help message	jvoisin

2017-11-21	Add a missing dep	jvoisin

2017-11-21	Fix the build	jvoisin
	Travis isn't running as root anymore :/
2017-11-21	Add a new sample, and a way to detect it	jvoisin

2017-07-26	Add some detections	jvoisin

2017-07-11	Remove the logo for now	jvoisin

2017-07-09	Add ob_start as dodgy php (#56)	Fariskhi Vidyan
	Wonderful, thank you ♥
2017-05-19	add gitter badge	Mathieu D
	add a badge linking to PMF's gitter chatroom
2017-04-28	Add Hpack detection method	jvoisin

2017-04-26	Add a detection for a smart webshell	jvoisin

2017-03-03	Add a test for "AddType application/x-httpd-cgi"	jvoisin

2017-02-21	Add another simple hex-string pattern	jvoisin

2016-12-30	\x09-\x0d are no-rintable chars, but aren't malicious.	jvoisin
	This close #44, thanks to @DrTyrell for spotting this issue ♥