Releases: JayHackPro/JayShield
Release list
JayShield 1.2.1
Changed
- The product now carries its registered mark, JayShield®, in the banner subtitle and the scan header, matching how the brand appears everywhere else.
- The landing page and README examples now open with the real JayHackPro startup banner (the block wordmark on wide terminals, the compact mark on narrow ones).
Run it: npx @jayhackpro/jayshield --selftest
JayShield 1.2.0
Added
- A JayHackPro startup banner. Running a scan,
--help,--selftest, or the new--bannernow prints the JayHackPro block wordmark in green, with the JayShield subtitle, the way a hacker tool announces itself.
It is the shared brand mark for every JayHackPro tool. Narrow terminals get a compact version so it never wraps, and --no-banner (or --json) turns it off for clean and CI output. The art is generated once with figlet and embedded, so there is still zero runtime dependency.
npx @jayhackpro/jayshield --banner
JayShield 1.1.0
A precision and coverage pass, verified against real production code.
Added
- Polyglot detection. A webshell hidden inside a real (binary) image, the classic upload bypass, is now caught. Byte and path checks run on every file, and script files are always read as text, so a stray null byte can no longer hide code from the scanner.
- Two high-signal rules: a function whose name comes from request input (
call_user_func), andextractof request input.
Changed
- Tightened the reverse-shell, webshell-banner, and password-gate rules so they need real malicious code, not a passing mention in a doc comment.
- The upload-handler rule is now a low-severity advisory.
Removed
- The backtick-execution rule, which matched ordinary markdown backticks in documentation and was the main source of noise.
Fixed
- Verified a clean scan, with zero false positives, across WordPress core, jQuery, and the Laravel framework.
Run it now:
npx github:JayHackPro/JayShield --selftest
JayShield 1.0.0
The first public release of JayShield, JayHackPro's malware scanner and remover.
Find and remove web malware, webshells, and backdoors. Point it at a folder, see exactly what is infected, then quarantine the threats safely. Nothing is ever deleted without your say so.
npx @jayhackpro/jayshield ./public_htmlWhat it catches
- Webshells (c99, r57, WSO, b374k, FilesMan, and the generic families)
- Backdoors (eval of request input, variable functions, the preg_replace /e trick, remote payloads, reverse shells)
- Obfuscation (decode then run, character and hex tricks, packed one liners)
- Injected front end malware (hidden iframes, document.write of unescaped markup, malicious redirects)
- Cryptocurrency miners, cookie skimmers, and hidden SEO or pharma spam
- Disguised files (PHP inside a fake image, double extensions, scripts in uploads folders)
- Known bad files by exact hash, plus the EICAR test file
Safe by design
Quarantine moves threats into a local vault and restores them byte for byte. Purge is the only destructive action, and it is guarded behind an explicit confirmation.
Solid engineering
Zero runtime dependencies, a full test suite on Node's built in runner, a built in --selftest, JSON output, and CI friendly exit codes.
Designed by Jayden Yoon ZK. Released under JayHackPro® Inc.