If you are experiencing False Positive, don't leave review here. Instead, go to GitHub and create Issue report. Issue report will be more helpful to others than leaving a review.
It's still the same as it was a year ago, most of its "detections" are based of a database file which is just a list of blacklisted authors, checksums, class paths, etc this is a very bad way of handling this and leaves many gaps in detections and easy to bypass while still managing to have many false positives if it wasn't for the whitelists and even at that it still has false positives on obviously safe plugins.
I think that such a plugin should be developed because it helps a lot in identifying hacks, of which there are now a lot in plugins
i rate this 4.75. Sometimes it false detects but overall its good. (-----------)
Overall an excellent antivirus, but requires work as it often triggers falsely!!!
its very trigger happy and will gladefully flag reputable plugins. flags skinsrestorer, iris(volmit), floodgate, authme, discordsrv and more
It does not detect viruses well, it does not pay attention to the same PluginMetrics folder, but false positives. For plugins such as: SkinRestorer, BeacmcStaffWork and Blib. But it seems to me that this plugin has a place to be
Не детектит Август. Сам инструмент уязвим к тому что малварь может залочить файл для открытия через декомпилятор (Couldn't get FileSystem), что использует кстати и Bukloit.
The best virus detection plugin, it's a pity that I didn't know about it before. The only thing is that he falsely complains about SkinRestorer from the official website of Spigot
rating: 3.5/5
Good morning. I find the anti-malware very interesting, despite the fact that it only works once in 5 (and then again) on my server. I give it a good rating because I think it's a good idea and I hope it will work in the future for my server (blocked with a message: "Remaining files to scan: 0").
I also accidentally dragged the .jar into my "plugin" folder and forgot to remove it, during the scan, I got these messages: plugins\MCAntiMalware.jar MAY be infected by Spigot.MALWARE .SystemAccess.Exec Class Path: org/sqlite/util/OSInfo; Source File/Line OSInfo.java/43 and Line 89
I don't know if it's because the plugin accesses the class for detection... Otherwise I think this plugin will work quite well in the future and will be powerful.
Good morning. I find the anti-malware very interesting, despite the fact that it only works once in 5 (and then again) on my server. I give it a good rating because I think it's a good idea and I hope it will work in the future for my server (blocked with a message: "Remaining files to scan: 0").
I also accidentally dragged the .jar into my "plugin" folder and forgot to remove it, during the scan, I got these messages: plugins\MCAntiMalware.jar MAY be infected by Spigot.MALWARE .SystemAccess.Exec Class Path: org/sqlite/util/OSInfo; Source File/Line OSInfo.java/43 and Line 89
I don't know if it's because the plugin accesses the class for detection... Otherwise I think this plugin will work quite well in the future and will be powerful.
-
Author's response
The resource description specifically states: " Runs 24/7 and scans new files for constant protection". Therefore; It will not close automatically.
As for the other problem, I'll look into a way to stop it from scanning itself. It's a False-Positive as well. SQLite is used for the Anti-Malware database
As for the other problem, I'll look into a way to stop it from scanning itself. It's a False-Positive as well. SQLite is used for the Anti-Malware database
This software is very good at detecting viruses on your server. The developer has been working on it for nearly 5 years now and it improves with every update. Very helpful and if you detect any malware on your server you can send it to the developer of Spigot Anti-Malware to analyse it further.
Rating: ★★★★☆ (3.75/5)
Spigot Anti Malware review by CMarco Development
--------------------------------------------------
Positive Factors:
Improves Safety of Server:
Spigot Anti Malware effectively bolsters server security, mitigating the risks associated with malware and unauthorized intrusions. The tool actively contributes to creating a safer gaming environment for both server owners and players.
Free and Open Source:
The fact that Spigot Anti Malware is freely available and open source is a major advantage. It fosters community involvement, allowing developers to inspect, modify, and contribute to the tool's improvement.
--------------------------------------------------
Negative Factors:
It will catch many blatant and obviously dangerous software, or flag potentially dangerous one. However a skilled developer can bypass it.
Java 17 Requirement:
The tool's dependence on Java 17 poses a significant limitation for server owners running Minecraft versions between 1.8 and 1.16. This exclusionary factor could alienate a considerable portion of the Minecraft community, as many servers may not be ready to upgrade to Java 17.
Depressing Forum Resource Page:
The forum resource page, being a key point of interaction for users, should ideally foster a positive community environment. However, the descriptor "depressing" suggests a negative experience, potentially deterring potential users from exploring the tool further. Improving the forum page's content and engagement could enhance the overall perception of Spigot Anti Malware.
Spigot Anti Malware review by CMarco Development
--------------------------------------------------
Positive Factors:
Improves Safety of Server:
Spigot Anti Malware effectively bolsters server security, mitigating the risks associated with malware and unauthorized intrusions. The tool actively contributes to creating a safer gaming environment for both server owners and players.
Free and Open Source:
The fact that Spigot Anti Malware is freely available and open source is a major advantage. It fosters community involvement, allowing developers to inspect, modify, and contribute to the tool's improvement.
--------------------------------------------------
Negative Factors:
It will catch many blatant and obviously dangerous software, or flag potentially dangerous one. However a skilled developer can bypass it.
Java 17 Requirement:
The tool's dependence on Java 17 poses a significant limitation for server owners running Minecraft versions between 1.8 and 1.16. This exclusionary factor could alienate a considerable portion of the Minecraft community, as many servers may not be ready to upgrade to Java 17.
Depressing Forum Resource Page:
The forum resource page, being a key point of interaction for users, should ideally foster a positive community environment. However, the descriptor "depressing" suggests a negative experience, potentially deterring potential users from exploring the tool further. Improving the forum page's content and engagement could enhance the overall perception of Spigot Anti Malware.
-
Author's response
Still using ChatGPT to write your reviews, I see.
1) Every Anti-Malware has False-Positives, these get fixed as reported, if possible. Side note, I have "Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server " in console on every run.
2) This is a standalone product. I'm not restricted by Minecraft servers. Also, you can't read. It says Java 17 is required, and you tried using Java 8. This is not on me, but is on you.
3) I'd say the description as is is good enough. I rarely get any support tickets on how to use the Anti-Malware. Usually, the only support tickets I get, are from people (like you) who run the program with an outdated Java version. Also, even with the description as is, I still have 28.9K downloads, 74 reviews, and 4.4/5 stars. I don't really need to change a thing. Especially for someone who's negatively reviewing people's resources for the dumbest of reasons
1) Every Anti-Malware has False-Positives, these get fixed as reported, if possible. Side note, I have "Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server " in console on every run.
2) This is a standalone product. I'm not restricted by Minecraft servers. Also, you can't read. It says Java 17 is required, and you tried using Java 8. This is not on me, but is on you.
3) I'd say the description as is is good enough. I rarely get any support tickets on how to use the Anti-Malware. Usually, the only support tickets I get, are from people (like you) who run the program with an outdated Java version. Also, even with the description as is, I still have 28.9K downloads, 74 reviews, and 4.4/5 stars. I don't really need to change a thing. Especially for someone who's negatively reviewing people's resources for the dumbest of reasons
非常謝謝作者願意花費時間寫插件提供玩家使用,值得五顆星
----------------------------------------------------------------------------------
----------------------------------------------------------------------------------
Rating: ★★★☆☆ (3/5)
Spigot Anti Malware review by CMarco Development Team.
--------------------------------------------------
Positive Factors:
Improves Safety of Server:
Spigot Anti Malware effectively bolsters server security, mitigating the risks associated with malware and unauthorized intrusions. The tool actively contributes to creating a safer gaming environment for both server owners and players.
Free and Open Source:
The fact that Spigot Anti Malware is freely available and open source is a major advantage. It fosters community involvement, allowing developers to inspect, modify, and contribute to the tool's improvement.
--------------------------------------------------
Negative Factors:
False Positives:
A few amount of known plugins, either because of their obfuscation or complex internals, may cause false positives from this software. This can be a really difficult situation for a server owner, because he faces the dilemma of whether we should trust the Anti-Malware software or the well known plugin.
Lack of Documentation:
One significant drawback is the scarcity of comprehensive documentation. Users may find it challenging to navigate the tool's functionalities and optimize its features without proper guidance. Improved documentation would greatly enhance user experience. This also applies to the code itself, which for the most part is undocumented.
Java 17 Requirement:
The tool's dependence on Java 17 poses a significant limitation for server owners running Minecraft versions between 1.8 and 1.16. This exclusionary factor could alienate a considerable portion of the Minecraft community, as many servers may not be ready to upgrade to Java 17.
Lack of API:
The absence of an Application Programming Interface (API) restricts the extensibility and customization of Spigot Anti Malware. Server owners seeking to integrate additional features or plugins may face limitations, hindering the tool's adaptability.
Depressing Forum Resource Page:
The forum resource page, being a key point of interaction for users, should ideally foster a positive community environment. However, the descriptor "depressing" suggests a negative experience, potentially deterring potential users from exploring the tool further. Improving the forum page's content and engagement could enhance the overall perception of Spigot Anti Malware.
Spigot Anti Malware review by CMarco Development Team.
--------------------------------------------------
Positive Factors:
Improves Safety of Server:
Spigot Anti Malware effectively bolsters server security, mitigating the risks associated with malware and unauthorized intrusions. The tool actively contributes to creating a safer gaming environment for both server owners and players.
Free and Open Source:
The fact that Spigot Anti Malware is freely available and open source is a major advantage. It fosters community involvement, allowing developers to inspect, modify, and contribute to the tool's improvement.
--------------------------------------------------
Negative Factors:
False Positives:
A few amount of known plugins, either because of their obfuscation or complex internals, may cause false positives from this software. This can be a really difficult situation for a server owner, because he faces the dilemma of whether we should trust the Anti-Malware software or the well known plugin.
Lack of Documentation:
One significant drawback is the scarcity of comprehensive documentation. Users may find it challenging to navigate the tool's functionalities and optimize its features without proper guidance. Improved documentation would greatly enhance user experience. This also applies to the code itself, which for the most part is undocumented.
Java 17 Requirement:
The tool's dependence on Java 17 poses a significant limitation for server owners running Minecraft versions between 1.8 and 1.16. This exclusionary factor could alienate a considerable portion of the Minecraft community, as many servers may not be ready to upgrade to Java 17.
Lack of API:
The absence of an Application Programming Interface (API) restricts the extensibility and customization of Spigot Anti Malware. Server owners seeking to integrate additional features or plugins may face limitations, hindering the tool's adaptability.
Depressing Forum Resource Page:
The forum resource page, being a key point of interaction for users, should ideally foster a positive community environment. However, the descriptor "depressing" suggests a negative experience, potentially deterring potential users from exploring the tool further. Improving the forum page's content and engagement could enhance the overall perception of Spigot Anti Malware.
-
Author's response
Seriously? Using ChatGPT to make the review for you? (Yes, it's obvious)
1) Every Anti-Malware has False-Positives, these get fixed as reported, if possible. Side note, I have "Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server " in console on every run.
2) Lack of documentation: You've got both instructions and the "--help" argument. Both fully explain how to use the Anti-Malware, and all of its functionality. Lack of code documentation: It's not meant to be easy to read.
3) This is a third-party, only related to Minecraft by name and the site it's uploaded on, product. I'm not restricted by Minecraft servers. Also, you can't read. It says Java 17 is required, and you tried using Java 8. This is not on me, but is on you.
4) An API will never be added. This requires allowing third-party code to run, which invites malicious code. For the program's security, and the security of everyone who runs this project, I will never add an API. As it stands, nothing gets ran as long as people follow the instructions exactly.
5) Idk m8 the description seems to be good enough. 28.7K downloads, 73 reviews. 4.5/5 stars. I don't think I need to change a thing
1) Every Anti-Malware has False-Positives, these get fixed as reported, if possible. Side note, I have "Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server " in console on every run.
2) Lack of documentation: You've got both instructions and the "--help" argument. Both fully explain how to use the Anti-Malware, and all of its functionality. Lack of code documentation: It's not meant to be easy to read.
3) This is a third-party, only related to Minecraft by name and the site it's uploaded on, product. I'm not restricted by Minecraft servers. Also, you can't read. It says Java 17 is required, and you tried using Java 8. This is not on me, but is on you.
4) An API will never be added. This requires allowing third-party code to run, which invites malicious code. For the program's security, and the security of everyone who runs this project, I will never add an API. As it stands, nothing gets ran as long as people follow the instructions exactly.
5) Idk m8 the description seems to be good enough. 28.7K downloads, 73 reviews. 4.5/5 stars. I don't think I need to change a thing
IMPORTANT -----> !!!!looks pretty bad and dumb but havent had a chance to try yet. would not recommend, windows defender flagged it as suspicious !!! <-----
i think this plugin very good, but it detected malware in geyser plugin. geyser downloaded from official site
don't work be good for me
can't find Virus and Select my Safe Plugins :_(
can't find Virus and Select my Safe Plugins :_(
This plugin is very easy to use, I recommend it very much, but it may not be so perfect, for the infected plug-in after repairing Chinese inside will be directly garbled and cannot be repaired, I hope the author can fix this problem
This AntiMalware is great, works great, the owner answers the ticket right away, and helped me solve the problem. It's amazing how easy it is to get malware these days. And it's great if you can find something to help you.
Thanks to this plugin, the suspicious entries in the logs are finally over. Great project
It tends to false positive on some well known plugins, but can be very helpful in identifying plugins that have malware.
Congratulations on 20k downloads! Please keep maintaining and improving this useful resource
You KİNG :))) AMAZING :))))))) :DDDDDD :DDDDDDD :)))))))))))) :DDDDDD :)))))))))
false flags but helped me and deleting viruses reinstall all jars plugins, thanks very much
This works great and it is not malware of any kind. Good to see if plugins do something I dont want them to. The troll below is someone probably adding malicious code to plugins.
answer the question!
amugy you thought that someone wouldn't notice that code but I'd notice one of my friends!
amugy you thought that someone wouldn't notice that code but I'd notice one of my friends!
-
Author's response
Ah, now I understand what your spammy and rule breaking reviews were about.
Someone didn't bother seeing how the specific code you're talking about is implemented. It's used for 1 of 3 notification methods if malware's found. Those three being discord webhooks, the console, and a popup
Someone didn't bother seeing how the specific code you're talking about is implemented. It's used for 1 of 3 notification methods if malware's found. Those three being discord webhooks, the console, and a popup
There are just too many false positives!
In fact more than a quarter of my plugins got flagged as virus;
Though there was no viruses bypassed it,but I can do the same by flagging literally ALL the plugins,right?
;/
In fact more than a quarter of my plugins got flagged as virus;
Though there was no viruses bypassed it,but I can do the same by flagging literally ALL the plugins,right?
;/
-
Author's response
These should be reported to me so they can be fixed :)
If it's ForceOP, then there's not much I can do. People use setOp to run command without perms in a legit way and there's too many variations to fix the issue permanently
If it's ForceOP, then there's not much I can do. People use setOp to run command without perms in a legit way and there's too many variations to fix the issue permanently
5 stars to this salvation it helped me to remove the backdoor I did what it said in the description and if it worked I recommend it
Why it doesn't work without VPS? I just can't understand the VPS, so I used normal minecraft hosting
-
Author's response
It can work on any computer. I run it on my local PC for example to mass-scan over 30k resources. Spigot, Bukkit, and modrinth
Detects plugins such as LuckPerms or AntyCheat Spartan (paid, of course) or SkinRestorer as a threat. It doesn't seem to work.
-
Author's response
It does work actually. Anything on
https://www.spigotmc.org/threads/list-of-found-malware.389467/ was found by me by using this program :)
As for LP, Spartan, and SkinRestorer they all use methods that aren't exactly easy to deal with.
As for LP, Spartan, and SkinRestorer they all use methods that aren't exactly easy to deal with.
Optic is an amazing Developer and always working to increase the detections and remove any possible bypasses that could be found. I highly recommend this to any and every server owner.
Big service to the spigot/server community!
There are indeed false positives that occur often, but not that bad considering it could potentially catch the malicious plugin
There are indeed false positives that occur often, but not that bad considering it could potentially catch the malicious plugin
Plugin works but have false positives on realy popular plugins (if not the most popular)
Way too many false positives. It strikes out at the most absurd things that aren't even dangerous. Not recommended.
-
Author's response
What does it strike out that isn't dangerous exactly? And even if there are false-positives, it's still quite effective. Anything on this thread
https://www.spigotmc.org/threads/list-of-found-malware.389467/ was found by my Anti-Malware. If you need a jar count, 535 malicious jars have been found, some dating back to 2016.
Good resource. But update the red text, it doesn't work on Java 16 anymore, requires Java 17.
Error: LinkageError occurred while loading main class optic_fusion1.antimalware.Main
java.lang.UnsupportedClassVersionError: optic_fusion1/antimalware/Main has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 60.0
Error: LinkageError occurred while loading main class optic_fusion1.antimalware.Main
java.lang.UnsupportedClassVersionError: optic_fusion1/antimalware/Main has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 60.0
-
Author's response
Fixed :)
Very good plugin!! it detect all force op at my server and the hostflow gone
Thanks Dev :p
Thanks Dev :p
Bypassed :]
Add me on discord: _MRZT721010_#0309
80 charachters----------------------
Add me on discord: _MRZT721010_#0309
80 charachters----------------------
this is written by ProudDesk's girlfriend: hello! my boyfriend always gives the mall malware so that I can't go into clothing shops, this plugin prevents this and now I can go into any shop I want, as long as I want.
Thank you Optic.
Thank you Optic.
Good yet there is bypasses for many things.
ForceOP: Excecute a console command to op player
Crasher: Thread.sleep() for anything not long limit or double limit (Long.MAX_VALUE - 1 works)
ForceOP: Excecute a console command to op player
Crasher: Thread.sleep() for anything not long limit or double limit (Long.MAX_VALUE - 1 works)
a useful plugin and the owner of the plugin helped me in many ways on the discord server thank you very much I love such developers <3
I appreciate the work that has gone into this resource. I don't have any known malware I can check, but so far, I haven't been able to find anything wrong with it!
Good plugin, plugin works perfectly, it is easy to bypass tho. Sadly most new well made ForceOps will bypass until there is a specific check made for the..
-
Author's response
Send me a few force-op jars that bypass the program and I'll see what I can come up with :)
Bada bop boom pow!!! Idk what to write here cuz honestly its a nice resource myeah I have spoken.
-
Optic puts in the work. He is constantly trying to improve this RESOURCE and to stop dirty forceOPs and other shenanigans on other peoples' servers.
-
Author's response
That's better XD
Thank you for the review :)
Thank you for the review :)
it gives giving me errors I wanna give more stars but its just that it isn't working for me till this is fixed its 2 stars
-
Author's response
Next update will fix some of these issues :)
Very good plugin!! it detect all mallware at my server and the hostflow gone
Thanks Dev :3
Thanks Dev :3
this plugin is very good, ı found virus in plugins . thx you <3 <3 (ı writed this for 80 chacter)
Why there is so many libs inside it lol, just use fucking ASM or BECEL. Some cheks are dumb as fuck also i think you are don't know what you are doing. (But it somehow works idk)
-
Author's response
ASM is used. Each lib is used for a specific feature or set of features as well
as for checks, each one exists for a reason.
as for checks, each one exists for a reason.
Worked excellently, and the developer is very helpful, and he accepts ideas and fixes your problems
A tool you can not live without when you run a server ... this prtect you to realy bad news and the dev 10 starts for frendlyness and the quick help that prevented a lot of problems before they could happen .. ty very much and to all this is a must have !
-------------------------------
A great way for better securing your server
-----------------------
A great way for better securing your server
-----------------------
why does this plug-in not support fox spigot? need it to work with fox spigot or im not gonna use
-
Author's response
It's not going to support every spigot fork in existence, i don't have the jar so it won't support it.
The last update was fixed my problem. Big thanks to the author so friendly! <3
As a single dev to work by myself in the server this is the best to do to your server to look around If there's backdoor'ed plugin
As a single dev to work by myself in the server this is the best to do to your server to look around If there's backdoor'ed plugin
Add
https://www.spigotmc.org/resources/server-protector.89156/ as somehow spigot hasn't taken it down
-
Author's response
Should be detected already actually
Please keep updating it because I need this really bad~ hehe
Thank you for the hard work and I look forward to see more coming : )
Thank you for the hard work and I look forward to see more coming : )
-
Author's response
It does actually get active updates, usually just to the database instead of the program its self :p
I pasted this java -jar MCAntiMalware.jar INTO the server console while server is off and it didnt work
-
Author's response
If you're using some sort of web panel there's going to be issues.
If you send me a download link of your plugin jars I'll look through them myself :)
If you send me a download link of your plugin jars I'll look through them myself :)
One of the best things to increase your security, finds all the infected plugins for you! 10/10 recommend downloading!
I find some malicious plugins successfully by using SAM, thanks for your hard working!
Btw, can I share this to MCBBS(A Minecraft Forum in China, https://www.mcbbs.net)? I want to let more people find malicious plugins. Also I will mark you as the author and link your spigotmc.
Btw, can I share this to MCBBS(A Minecraft Forum in China, https://www.mcbbs.net)? I want to let more people find malicious plugins. Also I will mark you as the author and link your spigotmc.
-
Author's response
Sure, the more people that use it the better :)
does not work, cannot find the simplest ForceOP, what to speak of more complex malware.
-
Author's response
Seriously? You're better off reporting these things before instantly going to a 1 star review, it will be looked into though.
Super sketchy obfuscated source. I would not trust this at all, DO NOT DOWNLOAD.
-
Author's response
Pro guarded specifically for size purposes. The unobfuscated jar is 16, 787KB
The proguard map:
https://github.com/OpticFusion1/MCAntiMalware/releases/download/8.1/proguard_map.txt
The proguard seed:
https://github.com/OpticFusion1/MCAntiMalware/releases/download/8.1/proguard_seed.txt
So feel free to look yourself
The proguard map:
https://github.com/OpticFusion1/MCAntiMalware/releases/download/8.1/proguard_map.txt
The proguard seed:
https://github.com/OpticFusion1/MCAntiMalware/releases/download/8.1/proguard_seed.txt
So feel free to look yourself
Very useful, it helped me to find some malicious plugins that I didn't know.
Thanks!!!!
Thanks!!!!
does not work, falses even with essentials XD
do not use, there is higher chance of finding false than real malware
do not use, there is higher chance of finding false than real malware
-
Author's response
If you find a false-positive, there's many ways to report them (DMing me, github, discord, etc). In this case Essentials has a fuck ton of updates so it's hard to whitelist all of them. If i remember correctly they're abusing Player#setOp or some shit, which is hard to deal with.
There's only so much a single Dev can do when no one reports anything
There's only so much a single Dev can do when no one reports anything
Ty, I just found out how a random player got popped upon joining
great job on the plugin, keep it up!
great job on the plugin, keep it up!
Useful stuff, Helped me find malware in my server and it found! Thanks for making something like and helping the community.
This veeery good, players who can't use it: create folder - create folder plugins - grab this to first folder(main) - use start(bat/cmd/sh and other for u) - grab plugin to folder plugins for test - start this. Done
So good!
So good!
-
Author's response
You can also put the jar in the same directory as the jar file(s) and do java-jar MCAntiMalware.jar --scanDirectory .
It's been a year since I last tested this product. I decided to give him a second chance and tested it with public exploits from YouTube. Conclusion: I tested 6 plugins and 1 of my own, and no exploit was found. If you want to really check your code, check it manually, don't trust it.
-
Author's response
It works in most use cases, detecting over 200 different malicious plugins. Is it perfect? No absolutely not, I'm not aware of every little exploit or malicious resource on the internet. If people don't give me info then there's nothing i can do about it. People don't give me bug reports so i can't fix bugs. People don't give me false-positive report so i can't easily fix false-positives. People don't send me malicious plugins so i can't deal with those. In your case you complain about something I wasn't even aware of, if you want it fixed send me the YT links and/or your own plugin. There's nothing i can do if I'm not aware of it
It works really well at protecting servers from harmful malicious plugins! Thank you for having such an amazing resource available! <3
It works really well at protecting servers from harmful malicious plugins! Thank you for having such an amazing resource available! <3
Loved creating the design for this spigot page!
Have fun developing more in the future :D
Have fun developing more in the future :D
Feels a lot safer with this. Thank you very much :D
Also, now I know the server will be less likely to get hack.
Also, now I know the server will be less likely to get hack.
Awesome plugin, every server owner should use it!
.....................................
.....................................
Nice idea and everything works fine
._._._._._._._._._._._._._._._._._._._._._._._.
._._._._._._._._._._._._._._._._._._._._._._._.
Fast Support, easy use of the "Plugin"
This helps me alot to check all the other Plugins so the Server is safe
Thank you for such a powerful Tool
This helps me alot to check all the other Plugins so the Server is safe
Thank you for such a powerful Tool
Una pregunta este plugin detecta los plugins que hacen criptomonedas ?
----------------------------
----------------------------
I don't know what to give this plugin so I'm giving it 5 stars. How do I run this plugin on a web host?
-
Author's response
Depends on the web host that you're using, you're also better off asking for support in the support server
https://discordapp.com/invite/cGvmws7
Plugin doesnt work??? I've tried on 1.8 and 1.15, and i cant even seem to find the config file? PLEASE HELP!!
-
Author's response
Just tried it.
It does in fact work.
Join the discord server please if you haven't already, if you have then a new review would be nice
It does in fact work.
Join the discord server please if you haven't already, if you have then a new review would be nice
my developer tried to force op himself, and BOOM! your plugin detected it and now my developer is fired. thank you!
Great for testing some plugins that can be malicious from unknown developers, but there is one thing that can be better... It's eating so much RAM that in the middle of plugin testing it just freezes. Can you add Java garbage collector or something like that to prevent these memory leaks? Thanks.
-
Author's response
This is something i can look into ^.^
pretty cool has some false positives on some plugins but other then that its pretty good at detecting malicious plugins
Anyone that build an server should use this before adding in plugins! Be safe!
BTW, Dev on here replays and helps you out! Nice man. Thnx alot.
/Micke
BTW, Dev on here replays and helps you out! Nice man. Thnx alot.
/Micke
Perfect. I have a separate test server specifically for testing against potential malware in a new plugin I get before even putting it in a dev test server or my production, saves so much potential hassle.
I wouldn't recommend running this plugin... it could contain malware! Maybe there's malicious code in there!
-
Author's response
You know... the program is completely open source...
People can just look at the github and see that it's safe
People can just look at the github and see that it's safe
I will be honest, it has detected my private plugin with OP command. Problem here is, my OP command is security enhanced version of the classical OP. It's permission and hash protected (that means even if you have a backdoor in our permission system, you need to unlock it with password, that is hashed).
-
Author's response
If you PM me the jar i can look into fixing the false-positives the ForceOP check has
Code Quality: A
This is a must-have if you don't know what you're putting into your server!
In about 3 days we've fixed critical issues with it and I'm so proud I was able to help to make this program even better!
This is a must-have if you don't know what you're putting into your server!
In about 3 days we've fixed critical issues with it and I'm so proud I was able to help to make this program even better!
Really need a tutorial video :(
.................................................
.................................................
-
Author's response
Yea i know. I need to get around to a tutorial video for all of my current resources.
Need to see if my headset is good enough for videos though.
Need to see if my headset is good enough for videos though.
"If they're not public, how am i supposed to find them?"
That's what reverse engineering is about. You will have to learn various ways to find them. =)
That's what reverse engineering is about. You will have to learn various ways to find them. =)
-
Author's response
Can't reverse engineer if i can't get the jar.
Also this should be in the discussions tab, not as a review
Also this should be in the discussions tab, not as a review
...............................................................
Your project didn't find my exploits.
...............................................................
Your project didn't find my exploits.
...............................................................
-
Author's response
If they're not public, how am i supposed to find them?
Superb plugin, author helped me find out my problem. Plugin works without problems and detects maleware pretty well.
it was awesome just had some issues cuz i am not that smart with this stuff but it works AWESOME
Very very great plugin!
On 174 malicious plugins, this anti-virus detected 165.
I mean it don't detect all malicious things, but it's a (very) good start!
But I noticed some non-malicious plugins are flagged as ForceOP, like LuckPerms and more! Could you fix it?
Otherwise great plugin.
On 174 malicious plugins, this anti-virus detected 165.
I mean it don't detect all malicious things, but it's a (very) good start!
But I noticed some non-malicious plugins are flagged as ForceOP, like LuckPerms and more! Could you fix it?
Otherwise great plugin.
-
Author's response
If you can PM me those remaining malicious plugins i can fix that ;)
Also i'm more than aware of the ForceOP thing, i personally don't know how to fix it though :(
Also i'm more than aware of the ForceOP thing, i personally don't know how to fix it though :(
Simple but very useful, I see much potential in this! Author was fast to respond to!
-
Author's response
Thanks <3
Wow. I really appreciate you making and sharing this plugin after seeign the risk our servers were exposed to. Thank you, you have my gratitude!
Amazing little app to quickly scan .jars for exploits. It has a lot of ForceOP false positives but if you have a tiny bit of how plugins work you can work out if its an issue or not. Better a false positive than no detection at all.
-
Author's response
Yea, i'm fully aware of the force-op as the overview says, not much i personally can do about that though since i'm not smart enough to fix it. No one has made a PR to the github fixing it either :/
Its detecting CloudNetAPI as a virus... but this Program/Software is rlly great!
-
Author's response
If you read the overview there's instructions on what to do if somethings being flagged as a false positive
This developer busts his behind to make our servers safer. I have been following this specific plugins progress from the very beginning. He spend tireless hours developing and coming up with ways to make sure every plugin possible is checked for exploits and malware. Thank you for doing what you do.
-
Author's response
I try as hard as i can, even with 18 issues on the github (at least they're ones i can't do, figure out or just don't have time to do). It's also not a plugin, it's a third party resource or similar. But thanks for being there since the very beginning and thanks for the support as well <3
Answer to latest author answer:
Beta 1.5 plugins had some differences, like a different layout, for exemple not the same configuration system, not the same way to get a player, and different packets, events (but not commands) system
Beta 1.5 plugins had some differences, like a different layout, for exemple not the same configuration system, not the same way to get a player, and different packets, events (but not commands) system
-
Author's response
Plugin.yml is the exact same, literally the exact same. Also like i've said before, Beta 1.5 plugins are so out of date there's literally no reason to properly support them. So don't expect ANY support for them, AT ALL.
Don't work with Beta 1.5 plugins!
Please fix that!
--------------------------------------------------------------------------------------------------------
Please fix that!
--------------------------------------------------------------------------------------------------------
-
Author's response
Huh, i wonder why they're not supported.
Those plugins are so out of date there's no reason to properly support them.
So no, i won't bother supporting them. You're completely on your own.
Those plugins are so out of date there's no reason to properly support them.
So no, i won't bother supporting them. You're completely on your own.
ok this resource is very interesting,I hope he keeps you up to date.
just that when you pass the files to remove the alleged malware (or forceop type) you do not put it you ahahah.
You will have to fix the thing of false positives for the "forceop" because it detects that Luckperms and Worldguard uses forceop
just that when you pass the files to remove the alleged malware (or forceop type) you do not put it you ahahah.
You will have to fix the thing of false positives for the "forceop" because it detects that Luckperms and Worldguard uses forceop
-
Author's response
If you bothered reading the overview completely you'd realize that i already know about the forceop false positive and that i have an issue about it on the resources github page
https://github.com/OpticFusion1/MCAntiMalware/issues/22
A really good plugin, also, 3 MB? Lol, that is so much for a minecraft plugin. I recommend it without a doubt! (sorry if i put something bad, i talk spanish)
-
Author's response
This isn't a plugin, it literally says that on the overview
Fake reviews other plugin authors plugins talks trash about them and calling them ''force opers''
-
Author's response
You know, i love how you just straight up deny it instead of try to prove me wrong, literally anyone can download your plugin and decompile it and see you're a liar, and you gotta rage review because i called you out on something that's true.
This is such a cool resource and very helpful. Especially for newer server owners who really have no clue what they are downloading. I ran it on my server for funsies just to check. Only one plugin came back as malware (but dont worry I know why this plugin did that and its not malware)
The author is super response and nice. Very helpful if you have an issue (Like my stupid self reporting an issue cause I couldn't remain the overview page fully #StupidShaneBee)
Thanks for making something super useful!
The author is super response and nice. Very helpful if you have an issue (Like my stupid self reporting an issue cause I couldn't remain the overview page fully #StupidShaneBee)
Thanks for making something super useful!
-
Author's response
<3 Thanks for the nice comment <3
I like this plugin too, I hope to be able to update it for a long time!!!!!!!!!!!!!!!!!!!!
-
Author's response
Thanks <3
Awesome plugin. Glad there is people like you doing this kind of work!
There may be a couple of fake positives with skript and worldguard (it says it could have forceop). But besides that, it works like a charm.
There may be a couple of fake positives with skript and worldguard (it says it could have forceop). But besides that, it works like a charm.
-
Author's response
Thanks <3 and yea as i said the PM ages ago these are known issues, sadly i personally do not know enough to fix these my self which means someone else has to PR a change that fixes it
Good that u try to help the community only sad that some people don't read the description where it tells u it isn't a plugin but a tool to help u find dangerous plugins/folders. Good job keep up the good work <3
-
Author's response
Thanks <3
Please man tell me what is point of this plugin
So you made plugin which will check plugins
But spigot check all plugins which are posted here already
Why will you make plugins like that to help people which are downloading cracked plugins from who know where
By my opinion every one who goes and downloads plugins from some strange sites we wont call names here (It is ok if they get punished)
Literally what are you saying with your plugins go download premium
from who know where and check them with my plugin to see if they are safe
I think you should remove this plugin
So you made plugin which will check plugins
But spigot check all plugins which are posted here already
Why will you make plugins like that to help people which are downloading cracked plugins from who know where
By my opinion every one who goes and downloads plugins from some strange sites we wont call names here (It is ok if they get punished)
Literally what are you saying with your plugins go download premium
from who know where and check them with my plugin to see if they are safe
I think you should remove this plugin
-
Author's response
Spigot only checks PREMIUM plugins, and that's only the first update, you also do realize malicious plugins get uploaded onto spigot as well, right?
https://www.spigotmc.org/threads/malware.362192/
https://www.spigotmc.org/threads/more-malware.364408/
Also i'm not saying "Go pirate plugins" as for the one check, I completely forgot to redact it from the logs, expect an update soon to fix that
Edit: This also isn't a plugin, it even says that in the resource description
Edit 2: The newest update fixes the whole log issue
https://www.spigotmc.org/threads/malware.362192/
https://www.spigotmc.org/threads/more-malware.364408/
Also i'm not saying "Go pirate plugins" as for the one check, I completely forgot to redact it from the logs, expect an update soon to fix that
Edit: This also isn't a plugin, it even says that in the resource description
Edit 2: The newest update fixes the whole log issue
I found this to be an interesting resource. Looking forward to seeing it develop.
-
Author's response
<3
This is just honestly amazing, I tested it with a few cracked plugins and it detected the malware instantly. Thanks for putting your hard work into this project
-
Author's response
<3
I did not experience any of the issues from the previous review. It ran super fast with roughly the same amount of plugins and made a super easy to use log.txt file. Thanks for a very useful tool and something to give me a little bit more confidence that the plugins I'm selecting won't damage my server. I know this project has taken you countless hours of research. Thanks again.
-
Author's response
That's because before it didn't have the better logging :P
But you're welcome <3
But you're welcome <3
Hey, Your programm is a very usefoul. But it takes me over an hour to chek over 20 Plugins. You must realy edit the log file because it' s Confusing. Sorry for my English im from Germany.
-
Author's response
Noted. This will be fixed next update (hopefully)
Edit: This has been fixed, also next time post any issues/suggestions etc..etc.. in the Discussion tab <3
Edit: This has been fixed, also next time post any issues/suggestions etc..etc.. in the Discussion tab <3
Resource Information
Author:
----------
Total Downloads:
59,298
First Release:
Feb 25, 2019
Last Update:
Jul 21, 2024
Category:
---------------
All-Time Rating:
83 ratings
Version
-----
Released:
--------------------
Downloads:
------
Version Rating:
----------------------
-- ratings