BackdoorMan: an open-source Python toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination by automating the detection process.
The main purpose of BackdoorMan is to help webmasters and developers discover malicious scripts in their site files, because it is quite common for hackers to place a back-door on a site they have hacked. A back-door can give the hacker continued access to the site even if the site owners change account passwords. Back-door scripts vary from hundreds of lines of code to one or two lines, and can be merged into hundreds of files, which makes them very hard to discover, especially if the back-door is inactive. There are common ways and tools that can be used, including grep, but BackdoorMan automates all of the above, as described earlier, and makes it even easier (at least I hope so).
Detects shells by filename using a shell signature database.
Recognizes web back-doors.
Detects the use of suspicious PHP functions and activities.
Uses external services alongside its own functionality.
A toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination.
Author: Yassine Addi <yassineaddi.dev(at)gmail(dot)com>.
NOTE: This tool does not require an Internet connection, but one is highly recommended to benefit from all features.
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -o OUTPUT, --output=OUTPUT
                        save output in a file
  --no-color            do not use colors in the output
  --no-info             do not show file information
  --no-apis             do not use APIs during scan (not recommended)
No system is truly secure!
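The filename check and the suspicious-function check from the feature list can be sketched as follows. This is an added example, not BackdoorMan's own code; the filename list, the function list, the `call+input` label and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Illustrative lists (assumptions); a real scanner ships a much larger signature database.
SHELL_FILENAMES = {"c99.php", "r57.php", "wso.php", "b374k.php"}
SUSPICIOUS_CALLS = ("eval", "assert", "system", "exec", "shell_exec", "passthru",
                    "popen", "proc_open", "base64_decode", "gzinflate", "create_function")
PHP_EXTS = {".php", ".phtml", ".php5", ".inc"}

# The lookbehind skips method calls ($db->exec), static calls (X::exec),
# and longer names that merely end in a listed word (curl_exec).
CALL_RE = re.compile(r"(?<![\w$>:])(" + "|".join(SUSPICIOUS_CALLS) + r")\s*\(", re.I)
INPUT_RE = re.compile(r"\$_(GET|POST|REQUEST|COOKIE|FILES|SERVER)\b")

def scan_file(path):
    """Return (line, kind, detail) findings for one file; line 0 means a filename hit."""
    findings = []
    if path.name.lower() in SHELL_FILENAMES:
        findings.append((0, "filename", path.name.lower()))
    text = path.read_text(encoding="utf-8", errors="replace")
    for lineno, line in enumerate(text.splitlines(), 1):
        # A risky call on the same line as request data is the stronger signal.
        kind = "call+input" if INPUT_RE.search(line) else "call"
        for match in CALL_RE.finditer(line):
            findings.append((lineno, kind, match.group(1).lower()))
    return findings

def scan_tree(root):
    """Scan every PHP-like file under root; only files with findings are reported."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PHP_EXTS:
            findings = scan_file(path)
            if findings:
                report[path.relative_to(root).as_posix()] = findings
    return report

def demo():
    """Build a constructed sample tree in a temp directory and scan it."""
    samples = {
        "index.php": "<?php echo 'hello'; $db->exec('SELECT 1'); ?>\n",
        "uploads/c99.php": "<?php echo 'placeholder'; ?>\n",
        "inc/cache.php": "<?php\n// cache helper\n@eval(base64_decode($_POST['k']));\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in samples.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(tmp)
```

Line-based matching like this misses calls that are split across lines or assembled from strings at run time, so a clean result does not clear a file.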