Blazescan – Linux webserver malware scanner and DFIR tool set
Minerchk – my own tool developed to detected and prevent malicious cryptomining.
Drupalchk – my own tool help you parse Apache access logs for signs of Drupalgeddon 2 compromises
LW-yara – my own malware database using Yara and ClamAV signatures. Tuned for web servers to detect malicious php, phishing, and other server malware.