EnglishFrenchSpanish

Ubuntu | Fedora | VPN | File sharing


OnWorks favicon

neopi - Online in the Cloud

Run neopi in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command neopi that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


neopi - web shell code detection

SYNOPSIS


neopi [options] <dir> [regex]

DESCRIPTION


This manual page documents briefly the neopi command.

neopi is a Python script that uses a variety of statistical methods to detect obfuscated
and encrypted content within text/script files.

The intended purpose of NeoPI is to aid in the detection of hidden web shell code.

The development focus of NeoPI was creating a tool that could be used in conjunction with
other established detection methods such as Linux Malware Detect or traditional
signature/keyword based searches.

NeoPI recursively scans through the file system from a base directory and will rank files
based on the results of a number of tests.

It also presents a “general” score derived from file rankings within the individual tests.

OPTIONST


The program follows the usual GNU command line syntax, with long options starting with two
dashes (`-'). A summary of options is included below.

-v, --version
Show version of program.

-h, --help
Show summary of options.

-C FILECSV, --csv=FILECSV
Generates a CSV output to FILECSV containing the results of the scan.

-a, --all
Run all tests including entropy, longest word, and index of coincidence. This is
the recommended way of running neopi.

-e, --entropy
Run only the entropy test.

-l, --longestword
Run only the longestword test.

-c, --ic
Run only the Index Coincidence test.

-A, --auto
This flag runs an auto generated regular expression that contains many common web
application file extensions.

This list is by no means comprehensive but does include a good ‘best effort’ scan
if you are unsure of what web application languages your server is running.

Current list of included extensions: php, asp, aspx, sh, bash, zsh, csh, tsch, pl,
py, txt, cgi, cfm

EXAMPLES


neopi -C scan1.csv -a -A /var/www/

neopi -a /tmp/phpbb "php|txt"

neopi -a -A /var/www/html/

ABOUT


neopi authors are Ben Hagen <[email protected]> and Scott Behrens
<[email protected]>.

This man page was written by Arturo Borrero Gonzalez <[email protected]> for
the Debian GNU/Linux distribution (but it may be used by others).

May 27, 2014 NEOPI(1)

Use neopi online using onworks.net services


Free Servers & Workstations


Download Windows & Linux apps


Linux commands

Ad




ABOUT ONWORKS®

OnWorks is a free online VPS hosting provider that gives cloud services like free workstations, online AntiVirus, free VPN secure proxies, and free personal and business email. Our free VPS can be based on CentOS, Fedora, Ubuntu and Debian. Some of them are customized to be like Windows online or MacOS online.

Site Links
Our Sites

Copyright ©2024 OffiDocs Group OU. All Rights Reserved. OnWorks® is a registered trademark.