Tired getting hacked and finding where the hacker backdoor is?
Worldfind is a basic command-line tool written in Go that helps you identify potential webshells hidden within your web server directories. It works by scanning files for suspicious keywords and regular expressions commonly found in malicious scripts.
Disclaimer: This tool is intended for educational and informational purposes only. It is not a substitute for comprehensive security measures. Use at your own risk. False positives are possible.
Features:
- Scans files for specified keywords.
- Uses regular expressions to detect common webshell patterns.
- Customizable wordlist (optional).
- Simple and easy to use.
Installation:
- Prerequisites: Make sure you have Go installed on your system.
- Download Worldfind:
- Clone the repository:
git clone https://github.com/Arya-f4/worldshellfinder.git
- Or download the source code as a ZIP file and extract it.
- Build the Executable:
- Open a terminal and navigate to the worldfind directory.
- Run the command:
go build
- This will create an executable file named
worldfind
in the same directory.
Usage:
-
Building and compiling to executable
go build -o worldfind
you can replace the worldfind with your desired name of application and also change the bash command.
-
Basic Scan:
./worldfind <directory>
- Replace
<directory>
with the path to the directory you want to scan.
-
Custom Wordlist:
./worldfind <directory> <wordlist_path (optional)>
- Replace
<wordlist_path>
with the path to your custom wordlist file.
Wordlist Format:
The wordlist should be a plain text file with one keyword per line. You can use the provided wordlists/default.txt
file as a starting point.
Example:
./worldfind /var/www/html wordlists/my_wordlist.txt
This command will scan the /var/www/html
directory using keywords from the wordlists/my_wordlist.txt
file.
To Know :
This tools is using keyword that unique inside the shell to get as reference
here is the list of the known shell :
List Of Known Shell and Already Detected
Contributing:
Contributions are welcome! Please feel free to submit pull requests for new features, improvements, or bug fixes.
Please note: This tool is under development and may be updated in the future.
Compatibility :
- Windows
- Linux
- Mac (Not Tested Yet)