The Malware Scanner is a Bash script designed to scan any PHP-based web application for security threats, file integrity issues, and known malware signatures. It helps administrators and developers identify potential security risks in their applications.
- File Integrity Check: Compares PHP file checksums to detect modifications.
- Malware Scan: Detects known malware patterns in PHP files.
- Suspicious Code Detection: Identifies risky functions commonly used in malicious scripts.
- Automatic Cleanup: Removes temporary scan files after execution.
- Linux/Unix-based system with Bash
- md5sum, grep, find, and curl installed
- Internet connection for checksum verification (optional)
- Clone or download this repository:
git clone https://github.com/masdzub/malware-scanner.git
cd malware-scanner
- Ensure the script is executable:
chmod +x malware-scanner.sh
Run the scanner by providing the root directory of the PHP application:
./malware-scanner.sh /path/to/php-application
./malware-scanner.sh /var/www/html
The script will output findings categorized as:
- Modified Files: Lists PHP files that have been altered.
- Potential Malware: Reports files containing known malicious patterns.
- Suspicious Code: Identifies the presence of risky functions.
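The "Modified Files" check above relies on comparing checksums. The sketch below is an added example, not code from this repository: it builds a local md5sum baseline and reports PHP files that changed, disappeared, or appeared since the baseline was taken. The function names, the manifest layout, and the `baseline`/`check` sub-commands are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: checksum-based integrity check for PHP files.
# Function names and manifest layout are illustrative assumptions,
# not taken from malware-scanner.sh.

# make_manifest <app-root> <manifest>
# Writes one "<md5>  ./relative/path.php" line per PHP file.
make_manifest() {
    ( cd "$1" && find . -type f -name '*.php' -exec md5sum {} + ) > "$2"
}

# modified_files <app-root> <manifest>
# Prints files whose checksum no longer matches, or that were deleted.
modified_files() {
    ( cd "$1" && LC_ALL=C md5sum -c - 2>/dev/null ) < "$2" \
        | sed -n 's/: FAILED.*$//p'
}

# new_files <app-root> <manifest>
# Prints PHP files on disk that the manifest does not know about.
# The file name starts at column 35 of an md5sum line (32 hex + 2 chars).
new_files() {
    ( cd "$1" && find . -type f -name '*.php' ) | awk -v m="$2" '
        BEGIN { while ((getline line < m) > 0) known[substr(line, 35)] = 1 }
        !($0 in known)'
}

# Optional command-line use: <script> baseline|check <app-root> <manifest>
case "${1:-}" in
    baseline) make_manifest "$2" "$3" ;;
    check)    modified_files "$2" "$3"; new_files "$2" "$3" ;;
esac
```

Store the manifest outside the web root and make it read-only, because anyone who can rewrite it can hide their changes from the check.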
The script uses a signature file located in ./signatures/patterns.txt. You can add or remove patterns to refine the scan results.
This script is a basic security tool and does not replace professional security auditing. Use it as a preliminary step to enhance security.
MIT License
Feel free to submit issues or pull requests to improve the scanner!
Dzubayyan Ahmad