malscan v1.8.1 releases: fully featured malware scanner for Linux desktops and servers


ClamAV-based malware scanner for Linux web servers.

malscan is a scanning platform for Linux servers that simplifies keeping your web servers secure and malware-free. It is built upon the ClamAV platform, providing all of the features of Clamscan with a host of new features and detection modes.



  • Multiple channels of malware signatures
    • RFX Networks Signatures
    • Metasploit Signatures
    • malscan Signatures
    • ClamAV Main Signatures
  • Multiple Detection Methods
    • Standard HEX or MD5 based detections
      • Includes a database of over 30,000 signatures
      • Uses both HEX and hash-based detections
    • String length detections
      • Identifies long obfuscated strings.
      • Non-signature based, to help detect zero-day code injections
    • MimeType mismatch detections
      • Detects PHP files that are masquerading as other file types.
      • Identifies certain common obfuscated attack vectors, such as command shells hiding as .png files.
    • Tripwire detection mode
      • Allows you to whitelist files in a known clean configuration.
      • Compares the file tree to previously whitelisted states to identify changes.
      • Can be hooked into common deploy tools, such as capistrano or dpl.
  • Easy File Quarantining
  • Custom email notifications

Changelog v.18.1

Nov 26, 2018

  • Fixed: Malscan now provides better information when attempting a run with the lockfile present. (fixes #26).

Install & Use

Copyright 2015-2018 Josh Grancell