ai-bolit.php
------------

http://www.revisium.com/aibo/
audit@revisium.com

Changes 20170811
- Updated malware DB

Changes 20170803
- Updated malware DB

Changes 20170703
- Fixed minor bug in several signatures
- Updated malware DB

Changes 20170626
- Improved singature optimization algo
- Updated malware DB

Changes 20170612
- Added --smart parameter in the command line
- Updated malware DB

Changes 20170605
- Added vulnerabilities to json report
- Updated malware DB

Changes 20170527
- New viruses signatures

Changes 20170519
- Fixed encoding in the report

Changes 20170504
- New virus signatures
- External php-handlers for AI-BOLIT integration
- Fixed plain text report
- External file to track the scanning progress
- New json-format scanning report 

Changes 20170301
- Reworked singatures to reduce false positives
- Added virus signatures and new whitelist files

Changes 20170217
- Added Joomla PHPMailer vulnerability discover
- Fixed vBulletin version detection
- Scan speedup using smart scan 
- Reduced amount of false positives
- Added virus signatures and new whitelist files

Changes 20170110
- Added virus signatures and new whitelist files
- PHPMailer vulnerability is detected

Changes 20161225
- Added virus signatures and new whitelist files
- Optimized and improved scanning process

Changes 20161127
- Added virus signatures and new whitelist files

Changes 20161119
- Added virus signatures and new whitelist files
- Fixed snippets in ai-bolit script

Changes 20161110
- Added virus signatures and new whitelist files
- Fixed vps_docroot.php script

Changes 20161011
- Added virus signatures and new whitelist files

Changes 20161024
- Added virus signatures and new whitelist files

Changes 20160817
- Added virus signatures and new whitelist files
- Some minor report cleanups

Changes in 20160720
- Added virus signatures and new whitelist files

Changes in 20160701
- Added virus signatures and new whitelist files

Changes in 20160503
- Added php7 and pht extensions in mandatory list to scan
- Added virus signatures and new whitelist files

Changes in 20160312
- Fixed sorting order in report
- Added virus signatures and new whitelist files

Changes in 20160305
- Added new command line argument --scan to scan particular extensions
- New whitelist approach to filter false-positives. Please ensure that your PHP.ini has short_open_tag=on (or launch scanner with the following command short_open_tag=on (php -d short_open_tag=on ai-bolit.php ...)
- Added new signatures
- Minor bugfixes

Changes in 20160227
- New whitelist approach to filter false-positives. Please ensure that your PHP.ini has short_open_tag=on (or launch scanner with the following command short_open_tag=on (php -d short_open_tag=on ai-bolit.php ...)
- added new signatures

Changes in 20160219
- fixed issue in whitelisting mechanism. Need to set short_open_tag=on while running ai-bolit (php -d short_open_tag=on ai-bolit.php ...)
- added new signatures of malware 
- added new CMSes to whitelist database

Changes in 20160202
- added new whitelist 
- added new malware signatures
- new scanner international version

...

Changes in 20130201

- new signatures added
- report is protected from SE indexing
- report file name includes randomly generated number against bruteforce protection
- added wordpress 3.5.1 into .aknown list


Changes in 20130122 

- new signatures added
- added known files for instant cms and invision power board cms
- hidden files detection
- bugfix


Changes in 201301221

- flexible patterns to find shell and malicious code 
- extended mechanism for exceptions
- console report now has a statistics
- bugfix


Changes in 20121106

- new signatures
- search "sensitive" files which are not in safe
- bugfix


Changes in 20121014
- added 170 new signatures
- symlinks are skipped
- php info added
- checn for php build version
- improved external include analysis
- report file renamed: AI-BOLIT-REPORT-<>_<>.html
- improved scanning progress

...