==== HACKED / COMPROMISED  ====

Function:  Provide listing of files based on time.
Usage:  ls -lart "/path/of/directory/"

Function:  Process Tree List
Usage:  ps -wauxef

Function:  Identify Spam Mail Script
Usage:  postcat -q "id" | grep X-PHP

Function: Count Awaiting Spam for Delivery
Usage: find /var/spool/postfix/deferred -type f | wc -l

Function: Failed Password
Usage: grep "Failed password" /var/log/secure |cut -d ":" -f 4 |grep -v "invalid user" |awk '{print $6 }' |sort -n |uniq -c

Function: Wordpress Failed Login IPs
Usage: cat access_log | grep wp-login.php | awk '{print $1}' | sort | uniq -c | sort -rn

Function: Hit Server X times
Usage: tail -n20000 example.com-access.log | cut -d- -f1 | sort | uniq -c | sort -nr | head 

Function: tcpdump 53
Usage: tcpdump -i any port 53

Function: ClamAV Virus Scan
Usage: freshclam; clamscan -r -i / >> /home/rack/clamscan.out

Function: MALDET Installation 
Usage: cd /usr/local/src/ && wget https://www.rfxn.com/downloads/maldetect-current.tar.gz && tar -xzvf maldetect-current.tar.gz && cd maldetect-* && sh install.sh

Function: MALDET Scan
Usage: maldet -d && maldet -u; maldet -a /

Function: Fix Everything Command
Usage: bash <(curl -s https://hoshisato.com/tools/code/wut.sh)