Skip to content

Releases: JayHackPro/JayShield

JayShield 1.2.1

Choose a tag to compare

@JaydenYoonZK JaydenYoonZK released this 15 Jul 06:49

Changed

  • The product now carries its registered mark, JayShield®, in the banner subtitle and the scan header, matching how the brand appears everywhere else.
  • The landing page and README examples now open with the real JayHackPro startup banner (the block wordmark on wide terminals, the compact mark on narrow ones).

Run it: npx @jayhackpro/jayshield --selftest

JayShield 1.2.0

Choose a tag to compare

@JaydenYoonZK JaydenYoonZK released this 15 Jul 06:49

Added

  • A JayHackPro startup banner. Running a scan, --help, --selftest, or the new --banner now prints the JayHackPro block wordmark in green, with the JayShield subtitle, the way a hacker tool announces itself.

It is the shared brand mark for every JayHackPro tool. Narrow terminals get a compact version so it never wraps, and --no-banner (or --json) turns it off for clean and CI output. The art is generated once with figlet and embedded, so there is still zero runtime dependency.

npx @jayhackpro/jayshield --banner

JayShield 1.1.0

Choose a tag to compare

@JaydenYoonZK JaydenYoonZK released this 15 Jul 06:49

A precision and coverage pass, verified against real production code.

Added

  • Polyglot detection. A webshell hidden inside a real (binary) image, the classic upload bypass, is now caught. Byte and path checks run on every file, and script files are always read as text, so a stray null byte can no longer hide code from the scanner.
  • Two high-signal rules: a function whose name comes from request input (call_user_func), and extract of request input.

Changed

  • Tightened the reverse-shell, webshell-banner, and password-gate rules so they need real malicious code, not a passing mention in a doc comment.
  • The upload-handler rule is now a low-severity advisory.

Removed

  • The backtick-execution rule, which matched ordinary markdown backticks in documentation and was the main source of noise.

Fixed

  • Verified a clean scan, with zero false positives, across WordPress core, jQuery, and the Laravel framework.

Run it now:

npx github:JayHackPro/JayShield --selftest

JayShield 1.0.0

Choose a tag to compare

@JaydenYoonZK JaydenYoonZK released this 15 Jul 06:49

The first public release of JayShield, JayHackPro's malware scanner and remover.

Find and remove web malware, webshells, and backdoors. Point it at a folder, see exactly what is infected, then quarantine the threats safely. Nothing is ever deleted without your say so.

npx @jayhackpro/jayshield ./public_html

What it catches

  • Webshells (c99, r57, WSO, b374k, FilesMan, and the generic families)
  • Backdoors (eval of request input, variable functions, the preg_replace /e trick, remote payloads, reverse shells)
  • Obfuscation (decode then run, character and hex tricks, packed one liners)
  • Injected front end malware (hidden iframes, document.write of unescaped markup, malicious redirects)
  • Cryptocurrency miners, cookie skimmers, and hidden SEO or pharma spam
  • Disguised files (PHP inside a fake image, double extensions, scripts in uploads folders)
  • Known bad files by exact hash, plus the EICAR test file

Safe by design

Quarantine moves threats into a local vault and restores them byte for byte. Purge is the only destructive action, and it is guarded behind an explicit confirmation.

Solid engineering

Zero runtime dependencies, a full test suite on Node's built in runner, a built in --selftest, JSON output, and CI friendly exit codes.

Designed by Jayden Yoon ZK. Released under JayHackPro® Inc.