From d6ec61398cfa2a00caf3f06a6a0da1ada4bf6237 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Thu, 1 Oct 2020 15:59:56 +0200
Subject: Reorder the list of things we detect

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index deb7352..1b60ce1 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,7 @@ files using PHP functions often used in malwares/webshells.
 
 The following list of encoders/obfuscators/webshells are also detected:
 
+* [Bantam](https://github.com/gellin/bantam)
 * [Best PHP Obfuscator]( http://www.pipsomania.com/best_php_obfuscator.do )
 * [Carbylamine]( https://code.google.com/p/carbylamine/ )
 * [Cipher Design]( http://cipherdesign.co.uk/service/php-obfuscator )
@@ -33,12 +34,12 @@ The following list of encoders/obfuscators/webshells are also detected:
 * [Weevely3]( https://github.com/epinna/weevely3 )
 * [atomiku]( http://atomiku.com/online-php-code-obfuscator/ )
 * [cobra obfuscator]( http://obfuscator.uk/example/ )
+* [nano]( https://github.com/UltimateHackers/nano )
+* [novahot]( https://github.com/chrisallenlane/novahot )
 * [phpencode]( http://phpencode.org )
 * [tennc]( http://tennc.github.io/webshell/ )
 * [web-malware-collection]( https://github.com/nikicat/web-malware-collection )
 * [webtoolsvn]( http://www.webtoolsvn.com/en-decode/ )
-* [novahot]( https://github.com/chrisallenlane/novahot )
-* [nano]( https://github.com/UltimateHackers/nano )
 
 
 Of course it's **trivial** to bypass PMF,
-- 
cgit v1.3