Webshells
c99, r57, WSO, b374k, FilesMan, and the generic remote file managers and command runners built on the same patterns.
root@server:~# incident response, automated
When a site gets hacked, the attacker leaves something behind: a webshell in the uploads folder, a backdoor bolted onto a real file, a miner buried in a script. JayShield® finds it in seconds and quarantines it safely, without ever deleting your data.
// detections
One rule catches a whole technique, not a single strain, so JayShield finds the copies too. Signatures, hashes, and shape-based heuristics, layered together.
c99, r57, WSO, b374k, FilesMan, and the generic remote file managers and command runners built on the same patterns.
eval of request input, variable functions driven by the query string, the preg_replace trick, remote payloads that fetch and run, and reverse shells.
Decode then run payloads, character and hex tricks, packed one-liners, and the big encoded blobs that hide a shell in plain sight.
The classic upload bypass: a real image with PHP appended to the end. Byte-level checks catch it even though the file looks binary.
In-browser cryptocurrency miners, hidden iframes, and the scripts that quietly copy a visitor session off to another server.
Exact hash matches against a set you can extend, plus the EICAR test file so you can prove the scanner is wired up correctly.
// remediation
JayShield never deletes your files. Quarantine moves each flagged file into a local vault and records where it came from, so your live site stops serving it at once while every byte is kept.
Purge is the only destructive action, and it never runs without an explicit confirmation.
// get started
No account, no agent, no dependencies to download. It runs anywhere Node does.
Scan a folder, no install
Prove it works, with the EICAR test file
Install once, call it by name
Exit codes make it drop straight into CI: 0 clean, 1 threats found, 2 error. Add --json for machine-readable output.
// who builds this
A software development company focused on cybersecurity, based in Los Angeles, California. JayHackPro builds tools that make the web a safer place to be, and open-sources the ones that help everyone.
"Let's make the world a better place."