Wordfence is one of the best security plugins that can be found for WordPress, it basically works as a firewall and a malware scanner, although it includes many other functionalities.
A few days ago the company behind the plugin introduced a new online tool called Gravityscan It allows to detect malware and vulnerabilities in any kind of website including platforms like WordPress, Joomla, Drupal, Magento and vBulletin.
To use it, all you have to do is enter a URL at www.gravityscan.com and wait for the scanner results, it is not necessary to register, although if we do, we will have access to a panel with more options:
In addition to looking for scripts and strange codes in the source code, it checks if the sites are blacklisted, it scans the content for seo spam, malicious redirects, phishing pages, defacements and vulnerabilities in web applications.
These types of tools are very useful to start cleaning infected websites, since they allow you to quickly and easily identify suspicious scripts and codes. Although they are not 100% effective since the code they analyze is rendered by the browser (another similar tool is the Sucuri scanner).
However, they have also released another free tool called Gravityscan Accelerator which can be installed on the server for analysis from within. It is very easy to install, just upload a .php file to the root and launch the scan from its website.
The advantage of this Accelerator is that it allows a much deeper scan for malware and vulnerabilities by being able to directly read all files from inside the server.
I recommend trying the tool since it is free, although it also has some paid features. For those who use WordPress and are already Wordfence users, both tools complement each other and can be used at the same time.