Introduction
cPanel technical support has a script to do an overall scan of a server for malware. This script is for discovery purposes only.
cPanel's Technical Support does not provide security consultation services. The only support services we can provide at this time is to perform a minimal analysis of the possible security breach solely for the purpose of determining if cPanel's software was involved or used in the security breach.
Procedure
The CSI script is available at https://raw.githubusercontent.com/CpanelInc/tech-CSI/master/csi.pl and can be downloaded each time and passed to a shell, so the latest version is executed.
This is done by executing this entire one-liner and pasting it into a root shell, and hitting enter:
/usr/local/cpanel/3rdparty/bin/perl <(curl -s https://raw.githubusercontent.com/CpanelInc/tech-CSI/master/csi.pl)
You can also pass options including --help
/usr/local/cpanel/3rdparty/bin/perl <(curl -s https://raw.githubusercontent.com/CpanelInc/tech-CSI/master/csi.pl) --help
and a full scan would be executed with --full like this
/usr/local/cpanel/3rdparty/bin/perl <(curl -s https://raw.githubusercontent.com/CpanelInc/tech-CSI/master/csi.pl) --full
Any concerning output from this script would need to be reviewed by an obtained qualified server/systems/security administrator. cPanel LLC does not provide security related services.