From c39c97e5501209a900554f028add1ff8e45273e0 Mon Sep 17 00:00:00 2001 From: Julien (jvoisin) Voisin Date: Mon, 31 Oct 2016 17:58:12 +0100 Subject: Improve a bit the readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index 012612d..262c119 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,6 @@ The following list of encoders/obfuscators/webshells are also detected: Of course it's **trivial** to bypass PMF, but its goal is to catch kiddies and idiots, not people with a working brain. - If you report a stupid tailored bypass for PMF, you likely belong to one (or both) category, and should re-read the previous statement. @@ -99,10 +98,11 @@ Because: - It doesn't use [a single rule per sample]( https://github.com/Neo23x0/signature-base/blob/e264d66a8ea3be93db8482ab3d639a2ed3e9c949/yara/thor-webshells.yar ), since it only cares about finding malicious patterns, not specific webshells +- It has a [complete testsuite](https://travis-ci.org/nbs-system/php-malware-finder), to avoid regressions - Its whitelist system doesn't rely on filenames - It doesn't rely on (slow) [entropy computation]( https://en.wikipedia.org/wiki/Entropy_(information_theory) ) - It uses a ghetto-style static analysis, instead of relying on file hashes -- Thanks to the aforementioned pseudo-static analysis, it works (especially) on obfuscated files too +- Thanks to the aforementioned pseudo-static analysis, it works (especially) well on obfuscated files ## Licensing -- cgit v1.3
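Review bot: in the first hunk (`@@ -44,7 +44,6 @@`), the single deletion appears to be the blank line between "not people with a working brain." and "If you report a stupid tailored bypass for PMF". Without it, Markdown renders the two statements as one paragraph. If they were meant to stay separate, keep the blank line. Since this passage is being touched anyway, "one (or both) category" would read better as "one (or both) of these categories".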
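Review bot: in the second hunk (`@@ -99,10 +98,11 @@`), the added bullet claims a "complete testsuite" but links to the Travis CI build page, which shows build status rather than what the tests cover. Readers of a detection tool's README will take "complete" as a statement about rule coverage, so either link to the tests themselves next to the CI page or soften the wording to something like "a test suite run in CI, to avoid regressions". In the last bullet, "it works (especially) well on obfuscated files" keeps the awkward parenthetical; "it works especially well on obfuscated files" says the same thing more directly.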