{"id":39148053,"url":"https://github.com/daryllundy/wp-ai-security-scanner","last_synced_at":"2026-01-17T21:37:16.092Z","repository":{"id":303685840,"uuid":"1016125696","full_name":"daryllundy/wp-ai-security-scanner","owner":"daryllundy","description":"An AI-powered WordPress security scanner with intelligent threat detection and automated remediation capabilities","archived":false,"fork":false,"pushed_at":"2026-01-16T06:59:18.000Z","size":158,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-16T21:54:17.401Z","etag":null,"topics":["ai","cybersecurity","gpt-4","machine-learning","malware-detection","php","security","threat-detection","virustotal","wordpress"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/daryllundy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-08T14:23:41.000Z","updated_at":"2026-01-16T06:59:22.000Z","dependencies_parsed_at":null,"dependency_job_id":"df2bd4c6-0c1e-418c-995f-793ca6b897ea","html_url":"https://github.com/daryllundy/wp-ai-security-scanner","commit_stats":null,"previous_names":["daryllundy/wp-ai-security-scanner"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/daryllundy/wp-ai-security-scanner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daryllundy%2Fwp-ai-security-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daryllundy%2Fwp-ai-security-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daryllundy%2Fwp-ai-security-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daryllundy%2Fwp-ai-security-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/daryllundy","download_url":"https://codeload.github.com/daryllundy/wp-ai-security-scanner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daryllundy%2Fwp-ai-security-scanner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28518644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T18:55:29.170Z","status":"ssl_error","status_checked_at":"2026-01-17T18:55:03.375Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","cybersecurity","gpt-4","machine-learning","malware-detection","php","security","threat-detection","virustotal","wordpress"],"created_at":"2026-01-17T21:37:16.004Z","updated_at":"2026-01-17T21:37:16.070Z","avatar_url":"https://github.com/daryllundy.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WordPress AI Security Scanner Plugin\n\n**Production-ready WordPress plugin for AI-powered security scanning and threat detection.**\n\n[![Version](https://img.shields.io/badge/version-1.1.1-blue.svg)](https://github.com/daryllundy/wp-ai-security-scanner/releases/tag/v1.1.1)\n[![WordPress](https://img.shields.io/badge/WordPress-5.5%2B-blue.svg)](https://wordpress.org/)\n[![PHP](https://img.shields.io/badge/PHP-7.4%2B-777BB4.svg)](https://www.php.net/)\n[![License](https://img.shields.io/badge/license-GPL%20v2-green.svg)](LICENSE)\n\nAn AI-powered WordPress security scanner with intelligent threat detection and automated remediation capabilities. Combines traditional security scanning with artificial intelligence to provide proactive threat detection, malware identification, and security hardening recommendations.\n\n## Quick Start\n\n### Download \u0026 Install from GitHub Releases\n\n**Recommended method for production use:**\n\n1. **Download the latest release:**\n - Go to [Releases](https://github.com/daryllundy/wp-ai-security-scanner/releases/latest)\n - Download `wp-ai-security-scanner-v1.1.1.zip`\n\n2. **Install via WordPress Admin:**\n - Log in to your WordPress admin panel\n - Go to **Plugins โ†’ Add New โ†’ Upload Plugin**\n - Click **Choose File** and select the downloaded zip file\n - Click **Install Now**\n - Click **Activate Plugin**\n\n3. **Access the plugin:**\n - Navigate to **AI Security Scanner** in the admin menu\n - Start your first security scan!\n\n### Alternative Installation Methods\n\n**Manual Installation:**\n```bash\ncd /path/to/wordpress/wp-content/plugins/\nunzip wp-ai-security-scanner-v1.1.1.zip\n```\nThen activate through WordPress admin panel.\n\n**Development Installation:**\n```bash\ncd /path/to/wordpress/wp-content/plugins/\ngit clone https://github.com/daryllundy/wp-ai-security-scanner.git\n```\nThen activate through WordPress admin panel.\n\n## Features\n\n### Core Security Capabilities\n- ๐Ÿค– **AI-Powered Malware Detection** - 5-layer detection pipeline with entropy analysis, heuristics, and optional cloud AI\n- ๐Ÿ” **Smart Vulnerability Scanning** - Pattern-based detection of OWASP top 10 vulnerabilities\n- ๐Ÿ“Š **File Integrity Monitoring** - Hash-based file change detection with confidence scoring\n- ๐Ÿง  **Behavioral Analysis** - Code behavior pattern recognition for WordPress-specific threats\n- ๐Ÿ”’ **Automated Quarantine System** - Safe file isolation with backup and restoration\n- โšก **Real-Time Scanning** - Comprehensive file system analysis with live progress tracking\n- ๐Ÿ“ˆ **Comprehensive Reporting** - Detailed threat analysis with severity rankings\n\n### Security \u0026 Privacy\n- ๐Ÿ” **AES-256-CBC Encryption** - Secure storage of API keys and sensitive data\n- ๐Ÿ›ก๏ธ **Rate Limiting** - Automatic throttling for external API calls\n- ๐Ÿ“ **Audit Logging** - Complete security event tracking and activity monitoring\n- ๐Ÿ  **Privacy-First** - All primary analysis occurs locally\n- โœ… **CSRF Protection** - Input sanitization and WordPress nonce verification\n- ๐Ÿ”‘ **Role-Based Access** - Integration with WordPress capability system\n\n### Performance\n- โšก Scans **1000+ files per minute**\n- ๐Ÿ’พ Memory usage **\u003c 64MB** during active scanning\n- ๐ŸŽฏ CPU impact **\u003c 10%** utilization during background scans\n- โฑ๏ธ Dashboard load time **\u003c 2 seconds**\n\n## Requirements\n\n- WordPress 5.5 or higher\n- PHP 7.4 or higher\n- MySQL 5.7 or higher\n- 256MB RAM (recommended)\n\n## API Integration Setup (Optional)\n\nThe plugin supports optional AI-powered analysis through external APIs:\n\n### OpenAI Integration\n\n1. Get an API key from [OpenAI Platform](https://platform.openai.com/api-keys)\n2. Go to **AI Security Scanner** โ†’ **Settings**\n3. Enable \"OpenAI Integration\"\n4. Enter your API key\n5. Click \"Test API Key\" to verify\n\n**Benefits:**\n- Advanced code analysis with GPT-4\n- Natural language threat descriptions\n- Context-aware malware detection\n- Enhanced zero-day threat identification\n\n**Cost:** ~$0.01-0.03 per file analyzed (pay-per-use)\n\n### VirusTotal Integration\n\n1. Get a free API key from [VirusTotal](https://www.virustotal.com/gui/join-us)\n2. Go to **AI Security Scanner** โ†’ **Settings**\n3. Enable \"VirusTotal Integration\"\n4. Enter your API key\n5. Click \"Test API Key\" to verify\n\n**Benefits:**\n- Hash-based malware verification\n- Global threat intelligence database\n- Multi-engine malware detection\n- Known threat identification\n\n**Limits:** Free tier includes 1000 requests/day\n\n## Usage\n\n### Starting a Scan\n\n1. Go to **AI Security Scanner** โ†’ **Dashboard**\n2. Click **Start Full Scan** or **Quick Scan**\n3. Monitor progress in real-time\n4. Review results when complete\n\n### Managing Threats\n\n- **View Details**: Click \"View\" to see threat specifics\n- **Quarantine**: Safely isolate malicious files\n- **Ignore**: Mark false positives\n- **Clean**: Automatically remove threats (when available)\n\n### Configuration\n\nGo to **AI Security Scanner** โ†’ **Settings** to configure:\n\n- Scan paths and file types\n- Email notifications\n- Scan frequency\n- File size limits\n- OpenAI API integration\n- VirusTotal API integration\n\n## Security Features\n\n### File Quarantine\n- Automatic backup creation\n- Safe file replacement\n- One-click restoration\n- Secure storage in protected directory\n\n### Threat Detection\n- Signature-based scanning\n- Heuristic analysis\n- Behavioral pattern recognition\n- Confidence scoring system\n\n### Notifications\n- Email alerts for critical threats\n- Real-time dashboard updates\n- Scheduled scan reports\n- Quarantine notifications\n\n## Developer Information\n\n### Architecture\n\nThe plugin follows WordPress coding standards and uses:\n\n- **Object-oriented PHP**: Clean, maintainable code structure\n- **WordPress APIs**: Native hooks, filters, and database functions\n- **Custom Database Tables**: Optimized storage for scan results\n- **jQuery-based Admin UI**: Responsive AJAX interface with real-time updates\n- **Cron Integration**: Scheduled background scanning\n\n### Database Schema\n\nThe plugin creates four custom tables:\n\n- `wp_ai_scanner_results`: Scan results and threat data\n- `wp_ai_scanner_config`: Configuration and signature storage\n- `wp_ai_scanner_quarantine`: Quarantined file management\n- `wp_ai_scanner_audit_log`: Security audit trail and activity logging\n\n### Testing\n\n**Full test suite with 83 tests** covering all major functionality.\n\nRun the test suite with PHPUnit:\n\n```bash\n# Install development dependencies first (if needed)\ncomposer install --dev\n\n# Run all tests\nphpunit\n\n# Run specific test file\nphpunit tests/test-malware-detector.php\n\n# Run with coverage report\nphpunit --coverage-html coverage/\n```\n\n**Test Coverage:**\n- Database operations (7 tests)\n- File scanning engine (10 tests)\n- Malware detection algorithms (29 tests)\n- Security features including encryption and rate limiting (13 tests)\n- Enhanced scanner functionality (12 tests)\n- Admin API integration (12 tests)\n\nAll tests use WordPress test framework and mock WordPress functions for unit testing.\n\n### Performance\n\n- **Scan Speed**: 1000+ files per minute\n- **Memory Usage**: \u003c64MB during scanning\n- **CPU Impact**: \u003c10% utilization\n- **File Size Limit**: Configurable (default 10MB)\n\n## Plugin File Structure\n\n**Production Release Structure:**\n```\nwp-ai-security-scanner/\nโ”œโ”€โ”€ wp-ai-security-scanner.php # Main plugin file\nโ”œโ”€โ”€ includes/\nโ”‚ โ”œโ”€โ”€ class-database.php # Database operations\nโ”‚ โ”œโ”€โ”€ class-scanner.php # File scanning engine\nโ”‚ โ”œโ”€โ”€ class-malware-detector.php # Threat detection (multi-layer pipeline)\nโ”‚ โ”œโ”€โ”€ class-admin.php # Admin interface\nโ”‚ โ””โ”€โ”€ class-security-features.php # Security operations (encryption, rate limiting)\nโ”œโ”€โ”€ assets/\nโ”‚ โ”œโ”€โ”€ css/admin.css # Admin styling\nโ”‚ โ””โ”€โ”€ js/admin.js # jQuery-based admin interface\nโ”œโ”€โ”€ docs/\nโ”‚ โ””โ”€โ”€ ALGORITHM_DOCUMENTATION.md # Detection algorithm details\nโ””โ”€โ”€ README.md # Documentation\n```\n\n**Development Repository Structure:**\n\nThe full repository includes additional development files:\n- `demo/` - Docker-based demo environment with sample threats\n- `tests/` - PHPUnit test suite (83 tests across 6 test files)\n- `phpunit.xml` - Test configuration\n\nThese files are excluded from the production release zip.\n\n## Threat Detection Capabilities\n\n### Signature-Based Detection\n- Eval obfuscation patterns\n- File inclusion vulnerabilities\n- Shell execution attempts\n- Known backdoor patterns\n- Base64 encoded payloads\n- Cryptocurrency mining code\n- SQL injection attempts\n- WordPress-specific exploits\n\n### Heuristic Analysis\n- Suspicious function usage\n- Dynamic file inclusions\n- Direct user input handling\n- Code obfuscation detection\n- Entropy analysis\n- Behavioral pattern recognition\n\n### AI-Powered Features\n\n**Detection Capabilities:**\n- **Entropy Analysis**: Shannon entropy calculation to detect encrypted/obfuscated code\n- **Behavioral Scoring**: Cumulative risk scoring based on suspicious patterns\n- **Obfuscation Detection**: Multi-factor scoring for code obfuscation\n- **OpenAI GPT-4 Integration**: Advanced code analysis with natural language understanding (optional)\n- **VirusTotal API**: Hash-based malware verification with 70+ antivirus engines (optional)\n- **Confidence Scoring**: Multi-source threat validation with severity ranking\n\n## Security Considerations\n\n- **Local processing**: Primary analysis occurs locally for privacy\n- **API Security**: Secure API communications with OpenAI and VirusTotal (optional)\n- **Data Protection**: AES-256-CBC encryption for API keys with secure key generation\n- **Access Control**: Role-based access control with WordPress capabilities\n- **Input Validation**: Comprehensive sanitization and CSRF protection\n- **Audit Logging**: Complete activity tracking for security events (scan events, threats, quarantine actions, settings changes)\n\n### API Integration Security\n\n- **API Keys**: Stored with AES-256-CBC encryption in WordPress options\n- **Rate Limiting**: Automatic throttling (20 req/min OpenAI, 4 req/min VirusTotal)\n- **Error Handling**: Graceful degradation when APIs are unavailable or rate limited\n- **Privacy**: File contents sent to APIs only when locally flagged as suspicious\n- **Validation**: Real-time API key validation and testing\n\n## License\n\nGPL v2 or later\n\n## Support\n\nFor technical support or feature requests, please contact the plugin developer.\n\n## Project Status\n\nโœ… **Phase 1: Complete** - Full plugin functionality with comprehensive test suite\n\nThe plugin is production-ready and suitable for:\n- Portfolio demonstration of WordPress development skills\n- Real-world security scanning (with appropriate precautions)\n- Educational purposes and security research\n- Small to medium WordPress installations\n\n**Test Coverage:**\n- 83 tests across 6 test files\n- Database operations (7 tests)\n- Scanner engine (10 tests)\n- Malware detection (29 tests)\n- Security features (13 tests)\n- Enhanced scanning (12 tests)\n- Admin API integration (12 tests)\n\n**Demo Environment:**\n- Docker-based WordPress installation\n- 13 realistic malware samples for testing (includes EICAR)\n- Fully automated setup via `demo/start-demo.sh` and wp-cli\n\n## Contributing \u0026 Development\n\nThis project is part of a portfolio for a WordPress Support Engineer role. While it's a personal portfolio project, issues and suggestions are welcome.\n\n**Development Setup:**\n```bash\n# Clone the repository\ngit clone https://github.com/daryllundy/wp-ai-security-scanner.git\ncd wp-ai-security-scanner\n\n# Run tests\nphpunit\n\n# Start demo environment\ncd demo\n./start-demo.sh\n```\n\nFor detailed algorithm documentation, see [docs/ALGORITHM_DOCUMENTATION.md](docs/ALGORITHM_DOCUMENTATION.md).\n\n## Changelog\n\n### [Version 1.1.1](https://github.com/daryllundy/wp-ai-security-scanner/releases/tag/v1.1.1) - 2026-01-15\n- ๐Ÿงช Added fully automated offline demo with wp-cli setup\n- ๐Ÿงญ Added dynamic port selection for demo services\n- ๐Ÿงฌ Added EICAR sample to demo dataset\n\n### [Version 1.1.0](https://github.com/daryllundy/wp-ai-security-scanner/releases/tag/v1.1.0) - 2025-12-08\n- โœจ Added AES-256-CBC encryption for API key storage\n- ๐Ÿ›ก๏ธ Added rate limiting for external API calls (OpenAI: 20 req/min, VirusTotal: 4 req/min)\n- ๐Ÿ“ Added comprehensive audit logging system\n- ๐Ÿ—„๏ธ Added audit log database table\n- ๐Ÿ”’ Improved security event tracking\n- ๐Ÿ“š Updated test coverage documentation\n- ๐ŸŽ **First official release** with production-ready zip file\n\n### Version 1.0.0 - Initial Development\n- Core scanning engine\n- AI-powered threat detection\n- WordPress admin integration\n- Quarantine system\n- Comprehensive test suite\n\n## Download\n\n**Latest Release:** [v1.1.1](https://github.com/daryllundy/wp-ai-security-scanner/releases/tag/v1.1.1)\n\nDownload the production-ready plugin: [wp-ai-security-scanner-v1.1.1.zip](https://github.com/daryllundy/wp-ai-security-scanner/releases/download/v1.1.1/wp-ai-security-scanner-v1.1.1.zip)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaryllundy%2Fwp-ai-security-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdaryllundy%2Fwp-ai-security-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaryllundy%2Fwp-ai-security-scanner/lists"}