How does a web malware scanner work?
Comodo Web malware scanner uses advanced malware detection technologies to identify viruses and malicious code on a web page. It is a cloud-based service that can detect continuous security threats and attacks on e-commerce websites. Further, the Web Inspector also utilizes sophisticated technologies such as:
Dynamic page analysis
Signature-based detection
Buffer overflow detection
Heuristic detection techniques
Simple IOC Scanner
Scanner for Simple Indicators of Compromise
PHP scanner written in Python for identifying PHP backdoors and malicious PHP code. This tool mainly reuses the tools mentioned below. To use it, you need to install the yara library for Python from source.
Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.
Scans the current working directory and displays results with a score greater than the given value. Released under the MIT license.
An open source program which looks for security vulnerabilities, code-quality, performance, and conformance.
Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
A static source code analyser for vulnerabilities in PHP scripts.
An open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/programs.
ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project that allows you to incorporate virus scanning features in your PHP scripts.
Check also the following security websites:
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.
This tool checks whether any URLs from your site are currently listed in a couple of phishing DBs. If it finds any, the tool will let you know if Google has the URL flagged for Social Engineering. It also checks the URL you enter to see if it is currently listed in Google's Malware API, that is, whether Google has the URL flagged.
When you submit, the tool will query the API to see if the URL is listed and respond with:
null -> The URL/domain is not currently flagged by Google, not in the Safe Browsing API.
MALWARE -> The domain is currently flagged by Google as malicious.
SOCIAL_ENGINEERING -> The URL is currently flagged by Google as a SOCIAL_ENGINEERING URL, either "traditional phishing" OR deceptive content - SEE: Social Engineering (Phishing and Deceptive Sites)
UNWANTED_SOFTWARE -> The domain is currently flagged by Google for downloading unwanted software - SEE: Unwanted Software Policy
MALWARE, SOCIAL_ENGINEERING, UNWANTED_SOFTWARE -> You can probably figure this one out (really rare for this to occur)
Performant Endpoint Visibility
osquery allows you to easily ask questions about your Linux, Windows, and macOS infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
sudo add-apt-repository "deb [arch=amd64] https://osquery-packages.s3.amazonaws.com/xenial xenial main"
sudo apt-get update
sudo apt-get install osquery
Hi,
I've talked about SSHFP in my last blog post and now, let's talk about TLSA, another useful DNS record to put in a DNSSEC-secured zone.
I will apply the example to HTTPS here, but you can in fact do this for everything that uses TLS (except for the web browser plugin part).
DANE and TLSA
PHP Malware Finder
Webshell finder,
kiddies hunter,
website cleaner.
https://github.com/nbs-system/php-malware-finder
Detect potentially malicious PHP files.
Scan Linux for Vulnerable Packages
How do you know whether your Linux server (which has no desktop update notifier or unattended security updates running) needs to be updated? Of course an
apt-get update && apt-get --dry-run upgrade
might give an indication. But which of the package upgrades address security risks, and which are only simple bugfixes you do not care about?
Check using APT
One useful possibility is apticron, which will tell you which packages should be upgraded and why. It presents you the package ChangeLog so you can decide whether you want to upgrade a package or not. Similar but less detailed is cron-apt, which also informs you of new package updates.
Open source auditing
https://cisofy.com/documentation/lynis/get-started/#installation-git
Lynis is an open source security auditing tool. It is used by system administrators, security professionals, and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners. It is also the client in our Lynis Enterprise offering.
Supported operating systems
Lynis runs on almost all UNIX-based systems and versions, including:
AIX
FreeBSD
HP-UX
Linux
macOS
NetBSD
OpenBSD
Solaris
and others
UniqueMachine
Is my computer unique? (Developing, not fully supported)
badssl check
We use a great many credentials of all kinds to access services. Our contracts are intangible, because they are concluded online. Our payments and direct debits are very real. Managing this body of information rigorously is becoming an important issue for us, but also for our beneficiaries, who will have great difficulty finding all this information scattered across the Net if we do not gather it together and ensure its transmission.
MemoCloud answers these needs by letting you store and manage all this digital information online. And because it can be useful, we offer to manage your important documents (copies of notarized deeds, life insurance policies, financial products, etc.), as well as your instructions in the event of incapacity or death.
MemoCloud is your digital safe for all your important information.
In the event of incapacity or death, MemoCloud ensures the transmission (distribution) of the information to the beneficiaries you have designated. This is MemoCloud's testamentary function.
MemoCloud is online; you can use it right now.
Signing up and using MemoCloud's services is free for the safe function, with a storage limit of 100 MB.
To benefit from the transmission of information to the beneficiaries you have designated, we offer a subscription at €40 (tax included) per year, with storage space increased to 1 GB.
MemoCloud is today the solution that offers a complete chain of storage, management and transmission services.
We are the guarantee that your information will not go astray on the global network, but will be distributed to the right people for the best use.
MemoCloud is the life insurance for your digital information.
AnonTab allows you to browse safely, anonymously and privately to any suspicious URLs from within your everyday browser!
This extension simply equips your web browser with a special tab in which your real IP address is masked via public Google proxy servers; all connections are SSL/TLS encrypted. No tracking, no logs, no scripts and no history entries—totally off the record browsing. Fear not!
GitHub repository: https://github.com/0xsobky/AnonTab.
SysGauge is a free system and performance monitoring utility allowing one to monitor the CPU usage, memory usage, network transfer rate, operating system performance, the status and resource usage of running processes, file system performance, USB performance, disk space usage, disk read activity, disk write activity, disk read transfer rate, disk write transfer rate, disk read IOPS and disk write IOPS for individual logical disks or all physical disks installed in the computer.
Download SysGauge v1.5.18
32 bit http://www.sysgauge.com/setups/sysgauge_setup_v1.5.18.exe
64 bit http://www.sysgauge.com/setups_x64/sysgauge_setup_v1.5.18_x64.exe
webkay
This is a demonstration of all the data your browser knows about you. All this data can be accessed by any website without asking you for any permission.
Most of the data points are educated guesses and not considered to be accurate.
If you are interested in this topic join the discussion on Hackernews or the discussion on Reddit.
This project is an open source contribution by:
RobinLinus - Security, Privacy & Blockchain Consulting.