Download the PHP package marcocesarato/amwscan without Composer

On this page you can find all versions of the php package marcocesarato/amwscan. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package amwscan

![Version](images/logo.png)

PHP Antimalware Scanner

![Version](https://img.shields.io/badge/version-0.14.0-brightgreen?style=for-the-badge) ![Requirements](https://img.shields.io/badge/php-%3E%3D%205.5-4F5D95?style=for-the-badge) ![Code Style](https://img.shields.io/badge/code%20style-PSR-blue?style=for-the-badge) ![License](https://img.shields.io/github/license/marcocesarato/PHP-Antimalware-Scanner?style=for-the-badge) [![GitHub](https://img.shields.io/badge/GitHub-Repo-6f42c1?style=for-the-badge)](https://github.com/marcocesarato/PHP-Antimalware-Scanner) #### If this project helped you out, please support us with a star :star: [Documentation](https://marcocesarato.github.io/PHP-Antimalware-Scanner/)

Description

PHP Antimalware Scanner is a free tool to scan PHP files and analyze your project to find any malicious code inside it.

It provides an interactive text terminal console interface to scan a file, or all files in a given directory (file paths can also be managed using --filter-paths or --ignore-paths), and find PHP code files that seem to contain malicious code. When a probable malware is detected, will be asked what action to take (like add to the whitelist, delete files, try clean infected code, etc).

The package can also scan the PHP files in a report mode (--report|-r), so without interacting and outputting anything to the terminal console. In that case, the results will be stored in a report file in HTML (default) or text format (--report-format <format>).

This scanner can work on your own php projects and on a lot of other platforms using the right combination of configurations (ex. using --lite|-l flag can help to find less false positivity).

:warning: Remember that you will be solely responsible for any damage to your computer system or loss of data that results from such activities. You are solely responsible for adequate protection and backup of the data before executing the scanner.

How to contribute

Have an idea? Found a bug? Please raise to ISSUES or PULL REQUEST. Contributions are welcome and are greatly appreciated! Every little bit helps.

:blue_book: Requirements

:book: Install

Release

You can use one of these methods to install the scanner by downloading it from GitHub or directly from the console.

Download

Go to the GitHub page and press on the Releases tab or download the raw file from:

Download

Console

  1. Run this command from the console (the scanner will be downloaded to your current directory):

    wget https://raw.githubusercontent.com/marcocesarato/PHP-Antimalware-Scanner/master/dist/scanner

  2. Run the scanner:

    php scanner ./dir-to-scan -l ...

  3. (Optional) Install as bin command (Unix Bash)

    Run this command:

    Now you can run the scanner simply with this command: awscan ./dir-to-scan -l...

Source

Download

Click the GitHub page "Clone or download" or download from:

Download

Git
  1. Install git
  2. Copy the command and link from below in your terminal: git clone https://github.com/marcocesarato/PHP-Antimalware-Scanner
  3. Change directories to the new ~/PHP-Antimalware-Scanner directory: cd ~/PHP-Antimalware-Scanner/
  4. To ensure that your master branch is up-to-date, use the pull command: git pull https://github.com/marcocesarato/PHP-Antimalware-Scanner
  5. Enjoy

:whale: Docker

  1. Download the source
  2. Build command docker build --tag amwscan-docker .
  3. Run command docker run -it --rm amwscan-docker bash

:mag_right: Scanning mode

The first think you need to decide is the strength, you need to calibrate your scan to find less false positive as possible during scanning without miss for real malware. For this you can choose the aggression level.

The scanner permit to have some predefined modes:

Mode Alias 🚀 Description
None (default) 🔴 Search for all functions, exploits and malware signs without any restrictions
Only exploits -e 🟠 Search only for exploits definitions
Use flag: --only-exploits
Lite mode -l 🟡 Search for exploits with some restrictions and malware signs (on Wordpress and others platform could detect less false positivity)
Use flag: --lite
Only functions -f 🟡 Search only for functions (on some obfuscated code functions couldn't be detected)
Use flag: --only-functions
Only signatures -s 🟢 Search only for malware signatures (could be a good solution for Wordpress and others platform to detect less false positivity)
Use flag: --only-signatures

:computer: Usage

Command line

Doesn't work?

In case above command doesn't work, you can use script responsible for malware scan manually by executing: php dist/scanner <path>

To check all options check the Documentation

Suggestions

If you are running the scanner on a Wordpress project or other popular platform use --only-signatures or --lite flag to have check with less false positive but this could miss some dangerous exploits like nano.

Programmatically

On programmatically silent mode and auto skip are automatically enabled.

Report Object

:art: Screenshots

Report

HTML report format (default)

Interactive CLI


All versions of amwscan with dependencies

PHP Build Version
Package Version
Requires php Version >=5.5
ext-json Version *
ext-fileinfo Version *
ext-zlib Version *
ext-mbstring Version *
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package marcocesarato/amwscan contains the following files

Loading the files please wait ....