https://github.com/arya-f4/worldshellfinder

Web Shell finder using grep, where it has wordlist around the world to grep inside using regex and wordlist. So Lightweight and fast!
https://github.com/arya-f4/worldshellfinder

backdoor backdoor-defense backdoor-finder cyber-security cybersecurity finder finder-shell security security-scanner shell shell-detection shell-detector shell-finder shell-script web-shell webshell worldfind worldshellfinder

Last synced: 10 days ago
JSON representation

Web Shell finder using grep, where it has wordlist around the world to grep inside using regex and wordlist. So Lightweight and fast!

• Host: GitHub
• URL: https://github.com/arya-f4/worldshellfinder
• Owner: Arya-f4
• License: mit
• Created: 2024-09-24T07:52:26.000Z (about 2 months ago)
• Default Branch: master
• Last Pushed: 2024-11-01T08:18:17.000Z (17 days ago)
• Last Synced: 2024-11-08T10:03:01.585Z (10 days ago)
• Topics: backdoor, backdoor-defense, backdoor-finder, cyber-security, cybersecurity, finder, finder-shell, security, security-scanner, shell, shell-detection, shell-detector, shell-finder, shell-script, web-shell, webshell, worldfind, worldshellfinder
• Language: Go
• Homepage:
• Size: 9.33 MB
• Stars: 17
• Watchers: 1
• Forks: 4
• Open Issues: 0
• Metadata Files:
  • Readme: readme.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

README

        


## Worldfind: A Simple Webshell Detection Tool

Tired getting hacked and finding where the hacker backdoor is?

Worldfind is a basic web shell finder command-line tool written in Go that helps you identify potential web shell hidden within your web server directories or even in your image file. It works by scanning files for suspicious keywords and regular expressions commonly found in malicious scripts. (also please star)

![shellfind](https://github.com/user-attachments/assets/3fa2513f-5eef-433c-ac7f-92d3e5789397)















  

![Worldshellfinder flow](https://github.com/user-attachments/assets/430df5ec-d1b3-46f8-9fdd-27be51c30d88)


**Disclaimer:** This tool is intended for educational and informational purposes only. It is not a substitute for comprehensive security measures. Use at your own risk. False positives are possible.

### Features:

- Scans files for specified keywords.

- Uses regular expressions to detect common webshell patterns.

- Customizable wordlist (optional).

- Simple and easy to use.

```bash

Usage: worldshellfinder [option]  [wordlist]

Option:

  --update     Update latest version from repository.

  -v           Enable verbose mode.

  -h, --help   Display this help.

```

### Installation:

1. **Prerequisites:** Make sure you have Go installed on your system.

   - You can download and install it from [https://go.dev/dl/](https://go.dev/dl/).

2. **Download Worldfind:**

   - Clone the repository: `git clone https://github.com/Arya-f4/worldshellfinder.git`

   - Or download the source code as a ZIP file and extract it.

3. **Build the Executable:**

   - Open a terminal and navigate to the worldfind directory.

   - Run the command: `go build`

   - This will create an executable file named `worldfind` in the same directory.

### Alternative Installation & update : 

Setting go path environment (linux & MAC) :

```bash

export PATH=$PATH:/home/profile/go/bin

```

replace the profile with your current profile

And then install via go install (linux, windows & MAC) : 

```bash

go install -v github.com/Arya-f4/worldshellfinder@latest

```

### Usage:

0. **Building and compiling to executable**

   ```bash

   go build -o worldshellfinder

   ```

   you can replace the worldfind with your desired name of application and also change the bash command.

1. **Basic Scan:**

   ```bash

   ./worldshellfinder  

   ```

   - Replace `` with the path to the directory you want to scan.

2. **Custom Wordlist:**

   ```bash

   ./worldshellfinder  

   ```

   - Replace `` with the path to your custom wordlist file.

  

### Alternative Usage:

1. **After installation using go install simply just type :**

   ```bash

   worldshellfinder [option]  [wordlist]

   ```

**Wordlist Format:**

The wordlist should be a plain text file with one keyword per line. You can use the provided `wordlists/default.txt` file as a starting point.

**Example:**

```bash

./worldshellfinder /var/www/html wordlists/my_wordlist.txt

```

This command will scan the `/var/www/html` directory using keywords from the `wordlists/my_wordlist.txt` file.

### To Know :

This tools is using keyword that unique inside the shell to get as reference

here is the list of the known shell :

[List Of Known Shell and Already Detected](list_find_already_shell.md)

### Contributing:

Contributions are welcome! Please feel free to submit pull requests for new features, improvements, or bug fixes.

**Please note:** This tool is under development and may be updated in the future.

## Compatibility :

- Windows

- Linux

- Mac (Compile it Yourself)

[![Go](https://github.com/Arya-f4/worldshellfinder/actions/workflows/go.yml/badge.svg)](https://github.com/Arya-f4/worldshellfinder/actions/workflows/go.yml)