PHPackages akashchakraborty/laravel-shield - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. akashchakraborty/laravel-shield ActiveLibrary[Security](/categories/security) akashchakraborty/laravel-shield =============================== Laravel malware and malicious file scanner v1.0.0(3mo ago)10MITPHPPHP ^8.0 Since Jan 24Pushed 3mo agoCompare [ Source](https://github.com/EzY-SkyNet/Laravel-Shield)[ Packagist](https://packagist.org/packages/akashchakraborty/laravel-shield)[ RSS](/packages/akashchakraborty-laravel-shield/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) 🛡️ Laravel Shield Scanner ========================= [](#️-laravel-shield-scanner) Laravel Shield Scanner is a **security-first Laravel package** designed to proactively scan your application for **malware, web shells, and suspicious PHP code**. It leverages **heuristic analysis** and offers seamless **antivirus integration** for enhanced protection. This package is built for a range of hosting environments—shared hosting, VPS, Windows, Linux—and prioritizes **safe, reversible actions**. > **No silent deletes. No unsafe installs. No fake “PHP antivirus” claims.** --- 🔥 Why Laravel Shield Scanner? ----------------------------- [](#-why-laravel-shield-scanner) Most Laravel security tools are limited to: - Dependency scanning - Configuration validation - File name blacklists - Blind file deletion **Laravel Shield Scanner** sets itself apart by: - Scanning **actual file contents** - Detecting suspicious behaviors, not just names - Safely quarantining instead of deleting - Functioning even **without antivirus installed** --- ✨ Features ---------- [](#-features) Laravel Shield Scanner offers a robust suite of security features tailored for real-world use. ### 🔍 Heuristic Malware Detection [](#-heuristic-malware-detection) - Identifies both **common and advanced PHP web shells**: - Adminer - Tiny File Manager - WSO - c99 / r57 - Flags code obfuscation techniques: - Chains of base64, gzinflate - Abuse of rot13, URL decoding - Detects dangerous behaviors: - Use of `eval`, `assert`, `system`, `shell_exec` - Dynamic execution from user input - **Ignores file names**—focuses on content and behavior ### 🦠 Optional Antivirus Integration [](#-optional-antivirus-integration) - **Automatic detection** and integration with: - ClamAV (Linux) - Maldet (Linux) - Windows Defender (Windows) - Antivirus is **optional**; heuristic scanning is always active - **No auto-install**, no root access required - **Safe for shared hosting** ### 🧺 Safe Quarantine System (Recycle-Bin Style) [](#-safe-quarantine-system-recycle-bin-style) - Suspicious files are **moved, not deleted** - Original path is preserved for restoration - PHP execution is blocked (via `.htaccess`) - Files are restorable—no permanent loss ### ♻️ Restore Support [](#️-restore-support) - Restore all quarantined files - Files return to **exact original locations** - Same filename, same content ### 📄 Daily Isolated Logs [](#-daily-isolated-logs) - Logs are written **per day** - Logs are **outside** Laravel’s default log - **Structured JSON format** for auditability ### ⚙️ Smart Installer [](#️-smart-installer) - Creates config if missing - Merges only missing keys (preserves user settings) - Prepares required directories - **Never** overwrites user settings --- 📦 Installation -------------- [](#-installation) Install the package using Composer: ``` composer require laravel-shield/scanner ``` Laravel will auto-discover the service provider. --- 🚀 Quick Start (Recommended) --------------------------- [](#-quick-start-recommended) 1️⃣ **Run the Smart Installer** ``` php artisan shield:install ``` This will: - Create `config/shield.php` if missing - Merge missing config keys if outdated - Create required directories: - `storage/laravel-shield-quarantine` - `storage/logs/laravel-shield` 2️⃣ **Run a Full Security Scan** ``` php artisan shield:scan ``` --- 🧪 Available Commands -------------------- [](#-available-commands) - **🔍 Full Security Scan** - `php artisan shield:scan` - Performs heuristic malware scan - Runs antivirus scan (if available) - Optionally quarantines suspicious files - Writes a daily log file - **🦠 Antivirus Status** - `php artisan shield:av:status` - Lists available antivirus engines - Provides installation guidance - Does **not** install anything automatically - **🔄 Update Antivirus Definitions** - `php artisan shield:av:update` - Safely updates virus definitions - Skips if antivirus is not installed - **♻️ Restore Quarantined Files** - `php artisan shield:quarantine:restore` - Restores all quarantined files to their original paths - **🛠️ Smart Installer** - `php artisan shield:install` - One-time setup command - Safe to re-run—never overwrites user config --- ⚙️ Configuration ---------------- [](#️-configuration) The configuration file is located at: `config/shield.php` **Default configuration:** ```