Awesome
Shell Detector
<img src="http://www.emposha.com/wp-content/uploads/2011/07/shelldetect3-300x201.png" width="100" align="left" style="padding-right: 4px;" /> Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.Shell Detector is released under the MIT License http://www.opensource.org/licenses/mit-license.php
More information and support at http://www.shelldetector.com
Special thanks to "JetBrains" for PyCharm licence!
Detection
Number of known shells: 604
Requirements
Python 2.x
Usage
wget https://raw.github.com/emposha/Shell-Detector/master/shelldetect.py
python shelldetect.py -r True -d ./
Options
- -d (--directory) - specify directory to scan
- -e (--extension) - specify file extensions that should be scanned, seperate by comma
- -l (--linenumbers) - show line number where suspicious function used
- -r (--remote) - get shells signatures db from github
Changelog
-
1.1 Full rewrite, preparing for standalone version.
-
1.0 First version