Not so long ago this site and other domains hosted on my server were injected with malware PHP scripts that caused all sorts of damage, including amending javascript files to display ads to people who visited my sites.

These 2 bash commands saved my life and I would like to share them with the world.

The first one will find any javascript file that contains the string "eval(unescape" which is the most common way of injecting malicious code. The second is a similar method for PHP files.

find . -name "*.js" | xargs grep -l "eval(unescape"
find . -name "*.php" | xargs grep -l "eval(base64_decode"

Seek and destroy!