How to scan an web server directory for malicious php scripts?

I found two ways so far:

clamscan -ir /home/user/public_html
maldet -a /home/?/public_html > maldet_scan_output

i run maldet command in screen. Do you know other good ways to find malware php scripts in some path?