Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/gwillem/magento-malware-scanner

Scanner, signatures and the largest collection of Magento malware
https://github.com/gwillem/magento-malware-scanner

cryptojacking ecommerce fraud-detection infosec magento malware scanner

Last synced: 28 days ago
JSON representation

Scanner, signatures and the largest collection of Magento malware

Host: GitHub
URL: https://github.com/gwillem/magento-malware-scanner
Owner: gwillem
License: gpl-3.0
Created: 2016-09-26T12:44:12.000Z (about 8 years ago)
Default Branch: master
Last Pushed: 2023-12-06T18:07:51.000Z (about 1 year ago)
Last Synced: 2024-10-29T19:08:48.112Z (about 1 month ago)
Topics: cryptojacking, ecommerce, fraud-detection, infosec, magento, malware, scanner
Language: HTML
Homepage:
Size: 4.98 MB
Stars: 680
Watchers: 82
Forks: 153
Open Issues: 7
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt

Awesome Lists containing this project

awesome-magento - Magento Malware Scanner
mageres - Magento Malware Scanner - Scanner, signatures and the largest Magento malware collection on earth (Security / Free)
awesome-security-collection - **574**星

README

        
# Scan your store in 5 minutes

eComscan is the mwscan successor and we recommend everyone to upgrade. Scan your system in 5 minutes. Run this command in a SSH terminal:

```

curl https://ecomscan.com | sh

```

Read more about [eComscan](https://sansec.io/?mwscan). It is developed by [Sansec](https://sansec.io/?mwscan), experts in Magento store security and Adobe Commerce security partner. 

### eComscan features

- 50 thousand malware signatures and counting

- Detects vulnerabilities in popular ecommerce platforms (Magento, Woocommerce, Prestashop etc) and third party ecommerce components

- Monitoring of files, databases, processes, cron... 

- Get instant, actionable alerts via mail, Slack or API webhook

The Sansec threat intel team [investigates](https://sansec.io/research?mwscan) hundreds of hacked stores per month, and adds new attack signatures multiple times per day. eComscan is the best solution to protect your Magento store from emerging threats. 

### Sample command line scan 

![Sample CLI scan output](https://sansec.io/assets/posts/screens/screenshotb.png)

### Sample report

![Sample GUI scan output](https://sansec.io/assets/posts/screens/screenshot_mail.png)

# Who uses it?

Mwscan and its successor eComscan are used by Adobe, the [US Department of Homeland Security](https://www.dhs.gov/topic/cybersecurity), the [Magento Marketplace](https://twitter.com/jason_c_cochran/status/850043415194685441), [Magereport](https://www.magereport.com) and many of the [global top ecommerce agencies](https://sansec.io/partners).

# About payment skimming and Magecart

Online payment skimming (aka [MageCart](https://sansec.io/what-is-magecart)) is a growing threat to digital stores. Since our first publication in [2015](https://sansec.io/research/widespread-credit-card-hijacking-discovered/), we identified more than [90.000 compromised stores](https://twitter.com/gwillem/status/1050480393743491074). In most cases, malware is inserted that will a) intercept customer data, b) divert payments or c) uses your customers for cryptojacking.

Privacy watchdogs and online regulators are increasingly handing out fines to companies who suffered a Magecart attack.