https://github.com/generoi/detect-exploits

Detect common exploit patterns in Drupal and Wordpress
https://github.com/generoi/detect-exploits

Last synced: 26 days ago
JSON representation

Detect common exploit patterns in Drupal and Wordpress

• Host: GitHub
• URL: https://github.com/generoi/detect-exploits
• Owner: generoi
• Created: 2015-08-09T05:15:50.000Z (almost 11 years ago)
• Default Branch: master
• Last Pushed: 2015-08-13T02:57:09.000Z (almost 11 years ago)
• Last Synced: 2025-12-26T06:16:16.568Z (6 months ago)
• Language: Shell
• Size: 145 KB
• Stars: 3
• Watchers: 21
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# detect-exploits [![Build Status](https://travis-ci.org/generoi/detect-exploits.svg)](https://travis-ci.org/generoi/detect-exploits)

A simple bash script to scan for exploits in WordPress and Drupal.

## Dependencies

Modern GNU grep and GNU find.

## Install

```bash

make install

```

## Usage

```bash

detect-exploits [OPTION]... DIR

A simple bash script to scan for exploits in WordPress and Drupal.

 Usage:

   detect-exploits /var/www/drupal

     Run all scans on the drupal directory.

   detect-exploits --scan-keywords /var/www/drupal

     Run the keywords scan on the drupal directory.

   detect-exploits --owner=foo --group=bar --web-group=baz /var/www/drupal

     Specify the file ownership fo the permissions scan.

 Options:

  --scan-keywords    Scan for odd keywords within PHP files.

  --scan-uploads     Scan for odd files in the uploads directory

  --scan-filenames   Scan for suspicious filenames

  --scan-duplicates  Scan for duplicate installations

  --scan-permissions Scan file permissions

  --owner            The owner of the system files during a file permissions scan.

                     Defaults to user running the script.

  --group            The group of the system files during a file permissions scan

                     Defaults to user running the script.

  --web-group        The web server group for generated files during a file permissions scan

                     Defaults to www-data, apache, or httpd.

  -f, --force        Skip all user interaction

  -q, --quiet        Quiet (no output)

  -v, --verbose      Output more

  -h, --help         Display this help and exit

      --version      Output version information and exit

```

## Running tests

Install the development dependencies

```bash

make dev-install

```

Run all the tests using:

```bash

make test

```

Or you can cherry pick tests using bats directly

```bash

bats test/*.bats

```