Commit 9e6fd2f

author
Chao Liu
committed
Initial commit
0 parents  commit 9e6fd2f

52 files changed

+25588
-0
lines changed

LICENSE

+674
Large diffs are not rendered by default.

README.md

+58
@@ -0,0 +1,58 @@
1+
2+
# CloudWalker(牧云)开源计划
3+
4+
CloudWalker(牧云)是长亭推出的一款开源服务器安全管理平台。根据项目计划会逐步覆盖服务器资产管理、威胁扫描、Webshell 查杀、基线检测等各项功能。
5+
6+
本次开源作为开源计划的第一步,仅包含 Webshell 检测引擎部分,重点调优 Webshell 检测效果。目前放出的是一个可执行的命令行版本 Webshell 检测工具。
7+
8+
# 下载地址
9+
10+
工具打包形式为单个可执行文件,下载之后添加可执行权限即可执行。
11+
12+
[TODO,上传之后填写](TODO)
13+
14+
# 使用方式
15+
16+
```
17+
$ ./webshell-detector /path/to/your-web-root/ /var/www/html /path/to/some-file
18+
```
19+
20+
![output-cli.png](tool/webshell-detector/static/output-cli.png)
21+
22+
## 输出 HTML 报告
23+
24+
```
25+
$ ./webshell-detector -html -output result.html /path/to/web-root/
26+
```
27+
28+
输出报告样例如下:
29+
30+
![webshell-output-html.png](tool/webshell-detector/static/webshell-test-html.png)
31+
32+
## 输出结果描述
33+
34+
目前检测结果分为 5 个级别,级别越高说明检测出 Webshell 的可能性越高,如果没有级别说明不存在 Webshell 风险。
35+
36+
## 线上测试 Demo 地址
37+
38+
线上测试 Demo 地址:https://webshellchop.chaitin.cn/
39+
40+
(注意:线上 Demo 代码检测效果可能有微弱差异)
41+
42+
## 支持系统与版本
43+
44+
- 主流 Linux 发行版(内核不能太老,至少 2.6.32,否则会由于 Go 语言不支持直接打印 FATAL: kernel too old)
45+
- MacOS 可自行编译
46+
- Windows 暂不支持
47+
48+
# Roadmap and TODO List
49+
50+
- 整理完成产品框架代码并开源
51+
- 实现统一插件管理与通信机制
52+
- 提供插件 SDK
53+
- 文档、Demo 等
54+
55+
# License
56+
57+
[GPLv3](LICENSE)
58+
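Review bot: The download section (line 12) still ships the placeholder link `[TODO,上传之后填写](TODO)`, so a reader cannot obtain the binary that the usage section assumes. Point it at the releases page that tool/webshell-detector/README.md already names (<https://github.com/chaitin/cloudwalker/releases>). Because the instruction at line 10 is to download a single executable and mark it executable, publish a SHA-256 checksum or a signature next to the link so the file can be verified before it is run on a server. The result section (line 34) says there are 5 levels but does not list them; a short table of what each level means would make a report actionable. The usage examples call `./webshell-detector` while the tool README shows `./webshell-detector-linux-amd64`, and the alt text `webshell-output-html.png` differs from its path `webshell-test-html.png`; both are worth aligning.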

tool/webshell-detector/.gitignore

+21
@@ -0,0 +1,21 @@
1+
# GoLand cache dir
2+
.idea/
3+
4+
# VSCode config
5+
.vscode/
6+
7+
# Mac OS X file
8+
.DS_Store
9+
10+
# Binaries for programs and plugins
11+
*.exe
12+
*.exe~
13+
*.dll
14+
*.so
15+
*.dylib
16+
17+
# Test binary, build with `go test -c`
18+
*.test
19+
20+
# Output of the go coverage tool, specifically when used with LiteIDE
21+
*.out
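Review bot: The binary section (lines 10 to 15) ignores `*.exe`, `*.dll`, `*.so` and `*.dylib` but not the extensionless binary that the build step in this directory's README produces with `go build -o webshell-detector ./bin`, so a local build is easy to commit by accident. Add an entry such as `/webshell-detector` (and `webshell-detector-*` if release names like `webshell-detector-linux-amd64` are built here), plus whatever `make -C php` leaves behind in the `php` directory.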

tool/webshell-detector/README.md

+38
@@ -0,0 +1,38 @@
1+
# Webshell detector
2+
3+
## Installation
4+
5+
Standalone binary can be downloaded at <https://github.com/chaitin/cloudwalker/releases>.
6+
7+
## Usage
8+
9+
```
10+
./webshell-detector-linux-amd64 -h
11+
Chaitin CloudWalker Webshell Detector
12+
[version 1.0.0]
13+
14+
usage: ./webshell-detector-linux-amd64 [options] name ...
15+
16+
-html
17+
Show result as HTML
18+
-output string
19+
Export result to output file
20+
```
21+
22+
## Build
23+
24+
### Dependencies
25+
26+
For Ubuntu and Debian users:
27+
28+
```
29+
apt-get install autoconf bzip2 patch vim
30+
```
31+
32+
### Build the detector
33+
34+
```
35+
make -C php
36+
go get -d ./src
37+
go build -o webshell-detector ./bin
38+
```
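Review bot: The Dependencies section (line 29) lists `autoconf bzip2 patch vim` but omits the tools the build steps at lines 35 to 37 actually invoke, namely `make` and the Go toolchain, and it does not say why `vim` is needed for a build. State the minimum Go version and explain or drop the `vim` entry. `go get -d ./src` also fetches dependencies without pinning versions, so two builds of this detector can differ; vendoring or pinning the dependencies would make the release binary reproducible and auditable. The Usage block documents `-html` and `-output` but not what the detector prints or returns when a file is flagged, which matters for anyone scripting it.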
