Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers.
it detected core file changes by codes base64_decode('IyBCRUdJTiBXb3JkUHJlc3MKPEl...
I could find some files I didn't catch nor wordfence. I had a very malicious hacker on a website and it was really dirty.
Must plugin for a WordPress web site. You can use it in combo with kali linux, and build a secure wall to your web site..
After grabbing the latest hash tags from https://github.com/philipjohn/exploit-scanner-hashes, I was able to get this to scan my site. Awesome work!
does not show much except lots of stuff from other security plugins.
This plugin is a very very good idea because cometimes, hackers are modiying core files to include their backdoors.
Make sure you use common sense when reviewing your site.
I had a site hacked last summer (2012). In spite of clearing the hacked files that showed up for a phishing exploit, new ones kept popping up. I added a number of security plugins including Website Defender, Bulletproof Security, and Wordfence. Of these, Wordfence seemed to be the best at actually and quickly detecting the presence of attack shells; but the problem continued to occur. I could also see some of the IP addresses that were involved in sourcing the attack (Indonesia especially) and I could block specific IP addresses; but still, the attack continued. I inspected the MySQL DB to see if there had been any SQL injection at or near the first attack, but there was nothing there. I was about ready to take the entire site back to formula and do the whole thing over by hand when I came across this plugin.
Of course, it over-did the detection but it also pinpointed the upload vectors buried away in the site. This was much better than under-detection, since I could decide for myself if a file was clean or not by opening it and checking it out.
This plugin gets my five-star rating for saving my bacon.
You must log in to submit a review. You can also log in or register using the form near the top of this page.