This repository has been archived by the owner on Nov 19, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 14
/
blazescan-man
48 lines (33 loc) · 1.71 KB
/
blazescan-man
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
.\" Manpage for blazescan
.\" Contact [email protected] to correct errors or typos.
.TH man 1 "19 August 2018" "1.0" "blazescan man page"
.SH NAME
blazescan \- incident response tool
.SH SYNOPSIS
blazescan [-options] [directory] | [user] | [file]
.SH DESCRIPTION
Blazescan is a malware scanning and incident response tool that uses clamav and custom malware databases. Designed for use on webservers with yara rules and malware signatures tailored for webshells, phishing kits and spam mailers. Other software used includes WPCLI, maldet, and many standard linux utilities.
.SH OPTIONS
-a will scan all cpanel accounts
-A will use Agressive mode to scan all cpanel accounts
uses clamd to run multicore scans, can increase load
-u will scan the specified cpanel user
-l will show the results of the last scan
-t will display ctime of the hits in the last scan
-d scan a directory of your choosing
-w will run a scan on the directory of your choosing with wordpress checks included
-f will run search for all files in the directory given and record ctime of all files
-i provide a file to pull vital stats about the file
-m will email the list of hits from the last malware scan
-n will provide an overview of logged in users and network traffic
-N will run a tcpdump for a specified time period and write the data to a file for later analysis
-U will check for updates, and allow you to perform any available updates
-R will allow you to report a malicious file back to add a signature
use this if you encounter new malicious code that is not detected
-h will display the help menu
.SH SEE ALSO
clamscan(1)
.SH BUGS
No known bugs.
.SH AUTHOR
Brian Laskowski ([email protected])