cschantz dd163f6db1 Fix ET Open detection display in live monitor + add more webshell signatures ...

Issues fixed:
1. ET detection was running but not displaying results
   - Detection was happening but only stored in intelligence DB
   - Display was showing old attack detection instead
   - Now shows ET detection with 🛡️ icon and attack types
   - Shows rate anomaly score with 🌊 icon when elevated

2. Added more webshell signatures:
   - alfa/alfa-rex/alfanew (Alfa Team shells)
   - mini.php, phpspy, antichat, idx, indoxploit
   - Suspicious PHP files in wrong locations (admin.php in wp-includes, etc.)

Display format changes:
- Old: [01:25:35] 194.5.82.127 | Score:100 [CRITICAL] | ❓85 | /alfa-rex.php
- New: [01:25:35] 194.5.82.127 | Score:100 [CRITICAL] | 🛡️ET:WEBSHELL,TRAVERSAL | /alfa-rex.php

Features:
- Uses ET score if higher than legacy score
- Shows both ET detection and legacy detection when appropriate
- Rate flooding adds to combined score
- Auto-blocks at combined score ≥90

Tested:
- alfa-rex.php: Score 100, WEBSHELL detected ✅
- admin.php: Score 100, WEBSHELL detected ✅
- ws.php7: Score 95, UPLOAD detected ✅
- All syntax validated ✅

2025-12-13 02:18:54 -05:00

..

backup

Update documentation for MySQL restore tool and backup module

2025-12-10 23:07:11 -05:00

diagnostics

Eliminate all bc command dependencies - replace with awk for portability

2025-12-03 20:49:46 -05:00

maintenance

Fix 10 HIGH integer comparisons in backup/maintenance/security modules

2025-12-03 20:14:37 -05:00

performance

Performance optimizations Round 2: Pure bash field extraction

2025-12-12 17:08:17 -05:00

security

Fix ET Open detection display in live monitor + add more webshell signatures

2025-12-13 02:18:54 -05:00

website

Fix CRITICAL and HIGH priority QA issues

2025-12-04 16:17:59 -05:00