Closed rthrash closed 6 years ago
Sounds great, however i'm not really using the scanner against different files than PHP (extension).
The https://code.jquery.com/jquery/ would be a good source both compressed and minified isn't?
Yes. We've seen a ton of hacks recently that lead to backdoors even if the offending PHP files were removed. Lots of .randomly-named.ico
files get uploaded and modified JS files, too.
Done, tool included too.
Do you think it would make sense to compile a whack of MD5s for the whitelist for jquery.min files, since those seem to almost always create false positives?