List,
I've developed a new w3af [0] plugin which uses ClamAV to find
malware on your site. The basic idea is that w3af will crawl your site
and send all http response bodies to clamd, and then report any
findings it returns.
I need your help for testing! Follow these steps if you've got
some minutes to spare:
git clone g...@github.com:andresriancho/w3af.git
cd w3af
git checkout feature/clam
git pull
./w3af_console # Install the new clamd dependency using pip
# Install clamd in your system (this is for ubuntu):
sudo apt-get install clamav-daemon clamav-freshclam clamav-unofficial-sigs
sudo freshclam
sudo service clamav-daemon start
Then, run a scan against your site using the new grep.clamav
plugin. Remember that for the grep plugin to analyze your site, you
need to activate a crawl plugin like web_spider. If you want to test
with something "real", remember you can use the EICAR test binary[0]
If you want to read the source for this mesh please see this [1]
link. Let me know if there is something I'm doing wrong with the
w3af-clamd integration!
Happy testing!
[0] http://www.eicar.org/85-0-Download.html
[1]
https://github.com/andresriancho/w3af/blob/feature/clam/plugins/grep/clamav.py
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
