cylab-be/webshell-detector

Webshell detector

Maintainers

Details

github.com/cylab-be/webshell-detector

Homepage

Source

Issues

Installs: 6

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 4

Forks: 0

Open Issues: 3

1.0.2 2018-03-12 04:18 UTC

Requires

Requires (Dev)

MIT d13f2b002103d5f06936ed1b5e5575da82bd3ebf

  • Enzo Borel <borelenzo.woop@gmail.com>
  • Thibault Debatty <thibault.debatty.woop@gmail.com>

This package is not auto-updated.

Last update: 2024-11-10 06:43:57 UTC

README

pipeline status Latest Stable Version Total Downloads Latest Unstable Version License

Developement now taks place at https://gitlab.cylab.be/cylab/webshell-detector

Installation and usage

The webshell detector can be integrated as a composer library to your project, or you can run it from the command line.

As a library

composer require cylab-be/webshell-detector

require_once "vendor/autoload.php";

use RUCD\WebshellDetector\Detector;

$detector = new Detector();
echo $detector->analyzeFile("strange_file.php");

From the command line

Download the runnable PHAR from the Releases pages.

To run:

webshell-detector.phar analyze:directory /path/to/directory

You can modify the "sensitivity" of the detector, by modifying the threshold for displaying files. This will display the suspiciousness score of every files:

webshell-detector.phar analyze:directory -t 0.0 /path/to/directory

The default threshold used by the tool is 0.4