Description
Finds pieces of code that look like viruses/trojans inside PHP source code.
README
phpunisher
Finds pieces of code that look like viruses/trojans inside PHP source code.
Tested on the following public malware collections:
- https://github.com/nikicat/web-malware-collection
- https://github.com/nbs-system/php-malware-finder
- https://github.com/mnutsch/Computer-Security---Malware
- https://github.com/sarn1/example-malware-vulnerabilities
- https://github.com/AUCyberClub/php-malwares
- https://github.com/nexylan/PHPAV
- https://github.com/marcocesarato/PHP-Malware-Collection
- https://github.com/ollyxar/php-malware-detector
- https://github.com/planet-work/php-malware-scanner
- https://github.com/bediger4000/php-malware-analysis
- https://github.com/Am0rphous/Malware
- https://github.com/harsxv/malware-bucket
features
- powered by great php-parser library
- selected scanners run in parallel
- no signatures
- fully customized detection rules
installation
- binaries for Linux, macOS and Windows
usage
~# cd /to/your/php/code
~# phpunisher -report # to see report
~# phpunisher | xargs -d "\n" -n 1 rm # to remove suspicious files
or
~# phpunisher -dump-conf > my_rules.yaml
~# $EDITOR my_rules.yaml # edit to suit your needs
~# cd /to/your/php/code
~# phpunisher -conf /path/to/my_rules.yaml -report
flags
  -conf string
        load scanners config from file
  -dump-conf
        dump default scanners config to stdout
  -mask string
        scan masks, use ';' as separator (default "*.php*")
  -report
        show report for found suspects
  -score float
        minimal score to threat file as suspect
  -version
        show version
  -workers int
        workers count (scan parallelism) (default 2)
scanners
- array-call: finds function calls from array elements
- array-ops: notifies if the number of array operations is over 20% of all operations
- escapes: notifies if a string literal has more than two escaped symbols
- evals: scans for eval expressions
- funcs: scans against a 'bad function' list (based on this article)
- include: notifies if the whole file is a single include instruction
- long-str: notifies if a string literal is rather long (>64 chars) and does not contain any spaces (encoded blobs)
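
The escapes and long-str thresholds above, applied to string literals, as an added example (not phpunisher's own code). It uses a simple byte scanner rather than a PHP parser, and the names Finding, ScanLiterals and Sample are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one heuristic hit on a PHP string literal.
type Finding struct {
	Rule    string // "escapes" or "long-str", named after the scanners listed above
	Literal string // raw literal body, without the surrounding quotes
}

// ScanLiterals pulls quoted string literals out of src and applies both
// thresholds. Simplification: comments and heredocs are not recognised.
func ScanLiterals(src string) []Finding {
	var out []Finding
	for i := 0; i < len(src); i++ {
		q := src[i]
		if q != '\'' && q != '"' {
			continue
		}
		escapes, j := 0, i+1
		for ; j < len(src) && src[j] != q; j++ {
			if src[j] == '\\' && j+1 < len(src) {
				escapes++ // one escaped symbol, e.g. \x65 or \"
				j++       // skip the escaped byte so \" does not end the literal
			}
		}
		body := src[i+1 : j]
		if escapes > 2 { // "more than two escaped symbols"
			out = append(out, Finding{"escapes", body})
		}
		if len(body) > 64 && !strings.Contains(body, " ") { // ">64 chars", no spaces
			out = append(out, Finding{"long-str", body})
		}
		i = j // resume after the closing quote
	}
	return out
}

// Sample is constructed input for this example: a plain literal, a
// hex-escaped literal ("strlen") and an 80-character blob without spaces.
var Sample = `<?php
$greeting = "hello world";
$fn = "\x73\x74\x72\x6c\x65\x6e";
$blob = '` + strings.Repeat("QUJD", 20) + `';`

func main() { fmt.Printf("%+v\n", ScanLiterals(Sample)) }
```

Both rules also fire on legitimate code such as embedded assets or regular expressions, which is why the tool exposes a -score threshold and editable rules.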