137 Open source projects that are alternatives of or similar to Mitigating Web Shells

The Python interface for YARA

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

YARA package for Sublime Text

the only php webshell you need.

Modular file scanning/analysis framework

🐚 404 Page Not Found Webshell

Simple yara rule manager

Repository of yara rules

An open source framework for enterprise level automated analysis.

No description, website, or topics provided.

Repository of Yara rules dedicated to Phishing Kits Zip files

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具

Go bindings for YARA

An ICAP Server with yara scanner for URL and content.

APT & CyberCriminal Campaign Collection

Hamburglar -- collect useful information from urls, directories, and files

Loki - Simple IOC and Incident Response Scanner

a very very fast brute force webshell password tool

Tools for hunting for threats.

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

WALKOFF-enabled applications. #nsacyber

Rust bindings for VirusTotal/Yara

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Repository of YARA rules made by McAfee ATR Team

A Vim syntax-highlighting file for YARA rules

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。

A Web Malware Scanner

php - asp - aspx

Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.

A webshell framework for penetration testers.

Validates yara rules and tries to repair the broken ones.

CLI tool to analyze PE files

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

Real-time Packet Observation Tool

Detection in the form of Yara, Snort and ClamAV signatures.

Indicators of Compromises (IOC) of our various investigations

YARA malware query accelerator (web frontend)

IoC's, PCRE's, YARA's etc

The NginxExecute module executes the shell command through GET POST and HEAD to display the result.

Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.

Scripts for the Ghidra software reverse engineering suite.

Malice Yara Plugin

findWebshell是一款基于python开发的webshell检测工具。

kubernetes container filebrowser and webshell

Security Knowledge Structure(安全知识汇总)

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

A collection of PHP backdoors. For educational or testing purposes only.

Real-time, container-based file scanning at enterprise scale

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

DIE engine

开源运维平台：面向中小型企业设计的轻量级无Agent的自动化运维平台，整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。

a very fast brute force webshell password tool

Nano is a family of PHP web shells which are code golfed for stealth.

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

Signatures and IoCs from public Volexity blog posts.