diff --git a/definitions/patterns_raw.txt b/definitions/patterns_raw.txt
index 1ec377b..caf1598 100644
--- a/definitions/patterns_raw.txt
+++ b/definitions/patterns_raw.txt
@@ -340,4 +340,8 @@ $f1 = ".ht"; $f2 = "acc"; $f3 = "ess";
 # split escaped
 \x73\x70\x6C\x69\x74
 # >tpircs/< aka
-\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C
\ No newline at end of file
+\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C
+# comment spoof function call
+/*;*/
+# web shells host type extraction
+php_uname()
diff --git a/definitions/patterns_re.txt b/definitions/patterns_re.txt
index c589d46..6466b2d 100644
--- a/definitions/patterns_re.txt
+++ b/definitions/patterns_re.txt
@@ -93,3 +93,6 @@ eval\(\$[a-z0-9_]+\(\$_POST
 
 # GLOBALS inject with escaped content
 \$GLOBALS;\$\{"\\x
+
+# web shells host type extraction RE
+php_uname\(["'asrvm]+\)
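Review bot: The raw entry `php_uname()` added at the end of patterns_raw.txt matches every no-argument call, which also occurs in ordinary diagnostic, installer and error-reporting code, so on its own it is a weak indicator and likely to produce false positives on clean trees. If the scanner has no notion of severity, the comment should at least say so, for example `# php_uname() host fingerprinting: common in web shells, also present in benign diagnostics`. Because a raw entry is presumably matched byte for byte, a call written with whitespace inside the parentheses would not hit it; a single regex entry that allows an empty argument list would cover both cases and make this line unnecessary. The comment `# comment spoof function call` above `/*;*/` does not say which construct the signature targets, and a short example of the obfuscated call it is meant to catch would help whoever tunes this list later.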
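Review bot: The character class in `php_uname\(["'asrvm]+\)` omits `n`, the php_uname() mode that returns the host name, so `php_uname('n')` is not matched even though the comment says the rule targets host information extraction. The class also mixes quote characters and mode letters, so it accepts strings that are not real calls, such as an unquoted run of letters, and rejects any call with whitespace around the argument. A tighter form would be `php_uname\(\s*(["'][asnrvm]["'])?\s*\)`, which also covers the empty argument list. PHP function names are case-insensitive, so if the scanner compiles these patterns case-sensitively (not visible in this diff), the rule additionally needs the case-insensitive flag.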