Description
Finds code fragments that look like viruses/trojans inside PHP source code.
phpunisher alternatives and similar packages
Based on the "Code Analysis" category.
- Go Metalinter: Metalinter is a tool to automatically apply all static analysis tools and report their output in normalized form.
- go-cleanarch: Clean architecture validator for Go, checking rules like The Dependency Rule and the interaction between packages in your Go projects.
- go-mod-outdated: Find outdated dependencies of your Go projects. go-mod-outdated provides a table view of the go list -u -m -json all command, which lists all dependencies of a Go project and their available minor and patch updates. It also provides a way to filter indirect dependencies and dependencies without updates.
- goreturns: A gofmt/goimports-like tool for Go programmers that fills in Go return statements with zero values to match the func return types.
- tickgit: Manage your repository's TODOs, tickets and checklists as config in your codebase.
- GoCover.io: GoCover.io offers the code coverage of any golang package as a service.
- gostatus: A command line tool that shows the status of Go repositories.
- apicompat: apicompat checks recent changes to a Go project for backwards incompatible changes.
- ChainJacking: Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks.
- usestdlibvars: A linter that detects the possibility to use variables/constants from the Go standard library.
- tarp: tarp finds functions and methods without direct unit tests in Go source code.
- gosimple: gosimple is a linter for Go source code that specialises in simplifying code.
- staticcheck: staticcheck is go vet on steroids, applying a ton of static analysis checks you might be used to from tools like ReSharper for C#.
- Golint online: Lints online Go source files on GitHub, Bitbucket and Google Project Hosting using the golint package.
- unused: unused checks Go code for unused constants, variables, functions and types.
README
phpunisher
Finds code fragments that look like viruses/trojans inside PHP source code.
Tested on the following public malware collections:
- https://github.com/nikicat/web-malware-collection
- https://github.com/nbs-system/php-malware-finder
- https://github.com/mnutsch/Computer-Security---Malware
- https://github.com/sarn1/example-malware-vulnerabilities
- https://github.com/AUCyberClub/php-malwares
- https://github.com/nexylan/PHPAV
- https://github.com/marcocesarato/PHP-Malware-Collection
- https://github.com/ollyxar/php-malware-detector
- https://github.com/planet-work/php-malware-scanner
- https://github.com/bediger4000/php-malware-analysis
- https://github.com/Am0rphous/Malware
- https://github.com/harsxv/malware-bucket
features
- powered by the great php-parser library
- selected scanners run in parallel
- no signatures
- fully customizable detection rules
installation
- binaries for Linux, macOS and Windows
usage
~# cd /to/your/php/code
~# phpunisher -report # to see report
~# phpunisher | xargs -d "\n" -n 1 rm # to remove suspicious files
or
~# phpunisher -dump-conf > my_rules.yaml
~# $EDITOR my_rules.yaml # edit to suit your needs
~# cd /to/your/php/code
~# phpunisher -conf /path/to/my_rules.yaml -report
flags
  -conf string
        load scanners config from file
  -dump-conf
        dump default scanners config to stdout
  -mask string
        scan masks, use ';' as separator (default "*.php*")
  -report
        show report for found suspects
  -score float
        minimal score to threat file as suspect
  -version
        show version
  -workers int
        workers count (scan parallelism) (default 2)
scanners
- array-call: finds function calls from array elements
- array-ops: notifies if the number of array operations is over 20% of all operations
- escapes: notifies if a string literal has more than two escaped symbols
- evals: scans for eval expressions
- funcs: scans against a 'bad function' list (based on this article)
- include: notifies if the whole file is a single include instruction
- long-str: notifies if a string literal is rather long (>64 chars) and does not contain any spaces (encoded blobs)
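
A sketch of how the escapes and long-str rules above can be evaluated, as an added example and not phpunisher's own code (phpunisher works on a php-parser AST; this uses a small hand-written literal scanner). The names `Hit`, `scanLiterals` and `sample` are hypothetical, the sample file is constructed, and reading "escaped symbols" as backslash escapes in double-quoted literals is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

type Hit struct{ Rule, Literal string } // Rule is a scanner name from the list

// Constructed sample input (hypothetical file, harmless strings).
var sample = `<?php
$greeting = "Hello, world\n";
$f = "\x73\x74\x72\x72\x65\x76";
$blob = '` + strings.Repeat("QUJD", 20) + `';
echo $f($greeting);
`

// scanLiterals applies two rules to quoted literals (no comment/heredoc handling).
func scanLiterals(src string) []Hit {
	var hits []Hit
	for i := 0; i < len(src); i++ {
		q := src[i]
		if q != '\'' && q != '"' {
			continue
		}
		j, escapes := i+1, 0
		for j < len(src) && src[j] != q {
			if src[j] == '\\' && j+1 < len(src) {
				escapes++
				j++ // skip the escaped byte so \" does not close the literal
			}
			j++
		}
		body := src[i+1 : j]
		// escapes: assumed to mean backslash escapes inside double quotes.
		if q == '"' && escapes > 2 {
			hits = append(hits, Hit{"escapes", body})
		}
		// long-str: more than 64 chars and no whitespace (encoded blob).
		if len(body) > 64 && !strings.ContainsAny(body, " \t\r\n") {
			hits = append(hits, Hit{"long-str", body})
		}
		i = j // continue after the closing quote
	}
	return hits
}

func main() {
	fmt.Printf("%+v\n", scanLiterals(sample))
}
```

The ordinary `"Hello, world\n"` literal stays below both thresholds, which is why a legitimate file with a few escapes or short strings is not reported by these two rules.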