A lightweight PHP security scanner that detects malicious patterns in WordPress databases. Perfect for quick malware checks in the `wp_options` table.
- Scans for `<script>`, `eval`, `base64_decode`, `document.write`
- Web & CLI execution modes
- Read-only database access (safe inspection)
- Simple 3-minute setup
- Custom pattern configuration
Requirements:
- PHP 7.4+
- WordPress database access
- Basic server knowledge
```bash
wget https://raw.githubusercontent.com/Kvnbbg/wp-malware-scanner/main/scanner.php
```
Edit database credentials:
```php
$db_host = "localhost";
$db_user = "your_db_user";
$db_pass = "your_db_pass";
$db_name = "your_db_name";
```
Web Browser:
https://yoursite.com/scanner.php
Command Line:
```bash
php scanner.php
```
Example output:
```
[!] Suspicious entry found in option_name: malicious_code
Partial value: <script>eval(atob('...'))
```
Remove the script after use:
```bash
rm scanner.php
```
Custom Patterns:
Add regex patterns to the `$malware_patterns` array:
```php
$malware_patterns = [
'/<script.*?>.*?<\/script>/si',
'/eval\(.*?\)/si'
];
```
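Before adding a custom pattern, it helps to check what it flags on known-benign text. The following is an added example, not code from `scanner.php` or the project: it runs the two patterns above, plus a tightened `eval` pattern, over constructed option values. `scan_options()`, the pattern labels and the `eval_strict` regex are assumptions made for illustration.

```php
<?php
// Added example, not part of scanner.php. Dry-runs candidate patterns against
// constructed option values to expose false positives before a real scan.

$malware_patterns = [
    'script_tag'  => '/<script.*?>.*?<\/script>/si',   // from the page
    'eval_loose'  => '/eval\(.*?\)/si',                // from the page
    // Assumption: a stricter variant that rejects "eval" inside a longer identifier.
    'eval_strict' => '/(?<![A-Za-z0-9_])eval\s*\(/i',
];

// Constructed sample rows (option_name => option_value); not real site data.
$sample_options = [
    'malicious_code' => "<script>eval(atob('ZXhhbXBsZQ=='))</script>",
    'widget_text'    => 'Docs: call retrieval(id) to fetch a record.',
    'blogname'       => 'My WordPress Site',
];

/**
 * Hypothetical helper: returns [option_name => [labels of matching patterns]].
 */
function scan_options(array $options, array $patterns): array
{
    $hits = [];
    foreach ($options as $name => $value) {
        foreach ($patterns as $label => $regex) {
            $result = preg_match($regex, $value);
            if ($result === false) {
                // A broken regex must fail loudly, not silently match nothing.
                throw new InvalidArgumentException(
                    "Pattern '$label' failed, PCRE error code " . preg_last_error()
                );
            }
            if ($result === 1) {
                $hits[$name][] = $label;
            }
        }
    }
    return $hits;
}

foreach (scan_options($sample_options, $malware_patterns) as $name => $labels) {
    printf("[!] %s matched: %s\n", $name, implode(', ', $labels));
}
```

The benign `widget_text` row is flagged only by the loose `eval` pattern, because `eval(` also occurs inside `retrieval(`; the stricter variant leaves it alone while still flagging the injected script.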
CLI Options:
```bash
php scanner.php --full-output # Show complete suspicious values
```
Feature | Status |
---|---|
Aikido.dev integration | Planned Q4 |
PDF/JSON reports | In Development |
Auto-clean (safe mode) | Researching |
Multi-table scanning | On Hold |
- Always test on staging first
- Remove script immediately after use
- Never store on production servers
Official Support:
contact
Disclaimer: This tool assists detection but doesn't guarantee complete protection. Always maintain backups.