v1.1

adds:

FAQ document
/var/log/sh.log evidence source
/var/log/cron evidence source
new shell history terms contributed by the community
fixes:

don't match legit bookmark files like bm_prefix_*
don't match build.sh in post exploitation
relaxed regex matching exploitation in access logs

from git revision: c7c6d63

filename: ioc-scanner-CVE-2019-19781-v1.1.sh
md5: 12087dd6772ec09845f6f11971e93775
sha256: 195292335bc777359255af0af96ac8c8eccc83637fea1f1296dfc2ce02b9d354