tabriz83/awesome-webshell

Awesome webshell collection. Including 150 Github repo, and 200+ blog posts.

所有收集类项目:

• 收集的所有开源工具: sec-tool-list: 超过18K, 包括Markdown和Json两种格式
• 逆向资源: awesome-reverse-engineering: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/Android安全/iOS安全/Window安全/Linux安全/macOS安全/游戏Hacking/Bootkit/Rootkit/Angr/Shellcode/进程注入/代码注入/DLL注入/WSL/Sysmon/...
• 网络相关的安全资源: awesome-network-stuff: 代理/GFW/反向代理/隧道/VPN/Tor/I2P，以及中间人/PortKnocking/嗅探/网络分析/网络诊断等
• 攻击性网络安全资源: awesome-cyber-security: 漏洞/渗透/物联网安全/数据渗透/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/免杀/CobaltStrike/侦查/OSINT/社工/密码/凭证/威胁狩猎/Payload/WifiHacking/无线攻击/后渗透/提权/UAC绕过/...
• 开源远控和恶意远控分析报告: awesome-rat: 开源远控工具: Windows/Linux/macOS/Android; 远控类恶意恶意代码的分析报告等

webshell

• English Version

目录

• 工具
  • (91) 新添加
  • (20) Webshell收集
  • (3) Webshell管理
  • (19) Webshell检测
  • (8) Webshell扫描
  • (2) 其他
• 文章
  • (232) 新添加

工具

---

新添加

• [1782星][4m] [Py] epinna/weevely3 用于后渗透的Web Shell，可以在运行时通过网络对其进行扩展
• [1770星][2y] [CSS] b374k/b374k a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc.
• [1059星][1m] [Py] yzddmr6/webshell-venom 免杀webshell无限生成工具(利用随机异或无限免杀D盾)
• [617星][1y] [Shell] wireghoul/htshells 自包含的Web Shell和通过.htaccess文件进行的其他攻击。
• [538星][3y] [PHP] dotcppfile/daws Advanced Web Shell
• [441星][4y] [C#] keepwn/altman the cross platform webshell tool in .NET
• [434星][1y] [Py] shmilylty/cheetah a very fast brute force webshell password tool
• [354星][8m] [PHP] s0md3v/nano PHP Webshell家族
• [321星][2y] [PHP] tanjiti/webshellsample webshell sample for WebShell Log Analysis
• [282星][1y] [JS] chrisallenlane/novahot Webshell框架，实现了基于Json的API，可与任何语言编写的后门（默认支持PHP/Ruby/Python）进行通信。
• [245星][9m] [Py] antoniococo/sharpyshell ASP.NET webshell，小型，混淆，针对C# Web App
• [209星][7m] [PHP] samdark/yii2-webshell Web shell allows to run yii console commands using a browser
• [206星][3m] [JS] yzddmr6/as_webshell_venom 免杀webshell无限生成工具蚁剑版
• [203星][6m] [Py] ares-x/awd-predator-framework AWD攻防赛webshell批量利用框架
• [189星][2y] [Java] rebeyond/memshell a webshell resides in the memory of java web server
• [181星][2y] [PHP] lcatro/php-webshell-bypass-waf 分享PHP WebShell 绕过WAF 的一些经验
• [173星][12m] [Java] joychou93/webshell 入侵分析时发现的Webshell后门
• [167星][7y] [PHP] secrule/falcon 基于inotify-tools 开发的Web服务器文件监控平台 能够实时监控Web目录文件变化(新增，修改，删除)，判断文件内容是否包含恶意代码，自动隔离常见Webshell，保证Web目录文件安全
• [133星][10m] [PHP] k4mpr3t/b4tm4n Php webshell
• [124星][8y] evilcos/python-webshell webshell writen in python
• [121星][3y] malwares/webshell WebShell Dump
• [106星][3y] [JS] boy-hack/webshellmanager w8ay 一句话WEB端管理工具
• [99星][1y] [Py] wonderqs/blade A webshell connection tool with customized WAF bypass payloads
• [98星][2y] [Java] securityriskadvisors/cmd.jsp A super small jsp webshell with file upload capabilities.
• [96星][2y] [Java] tengzhangchao/pycmd python+php+jsp WebShell（一句话木马）
• [82星][5y] [Py] xypiie/webshell a web-based ssh shell.
• [78星][3y] [PHP] secwiki/webshell-2 Webshell
• [77星][2y] [Py] wofeiwo/webshell-find-tools 分析web访问日志以及web目录文件属性，用于根据查找可疑后门文件的相关脚本。
• [76星][8m] [PHP] s9mf/s9mf-php-webshell-bypass 为方便WAF入库的项目 | 分享PHP免杀大马 | 菜是原罪 | 多姿势(假的就一个)
• [76星][3y] [C#] zcgonvh/cve-2017-7269-tool CVE-2017-7269 to webshell or shellcode loader
• [73星][4y] [PHP] phith0n/b374k PHP Webshell with handy features
• [68星][2y] [Py] 3xp10it/xdump Drag database with "one sentence" webshell
• [61星][8m] [PHP] michyamrane/wso-webshell php webshell
• [47星][2y] [PHP] whitewinterwolf/wwwolf-php-webshell WhiteWinterWolf's PHP web shell
• [47星][5y] [PHP] cloudsec/aioshell A php webshell run under linux based webservers. v0.05
• [45星][3y] [Py] threatexpress/subshell a python command shell used to control and execute commands through HTTP requests to a webshell.
• [40星][5y] evi1m0/webshell This is a webshell open source project
• [40星][4y] [PHP] wso-shell/wso WSO SHELL , wso shell , WSO.php , wso.php , webshell , wso-shell веб-шелл , шелл , WSO2.5 , WSO2.5.1 , WSO2.php , Shell download, C99 , r57 , bypass shell , P.A.S. (php web-shell) , PPS 4.0 , Скачать WSO Web Shell , Скачать wso.php , Скачать Web Shell
• [39星][5y] [PHP] ridter/webshell This is a webshell open source project
• [36星][2m] [PHP] linuxsec/indoxploit-shell IndoXploit Webshell V.3
• [32星][5y] jgor/php-jpeg-shell Simple PHP webshell with a JPEG header to bypass weak image verification checks
• [32星][4y] [PHP] wstart/webshell This is a webshell open source project
• [31星][2y] [Py] bwsw/webshell Docker container which includes Shellinabox and enables SSH connections to arbitrary (not where installed) servers
• [30星][9m] [Py] 3xp10it/xupload A tool for automatically testing whether the upload function can upload webshell
• [30星][4y] [PHP] fuzzdb-project/webshell This is a webshell open source project
• [27星][11d] [JS] onrik/django-webshell Django application for running python code in your project's environment from django admin.
• [21星][3y] [Py] l-codes/oneshellcrack a very very fast brute force webshell password tool
• [21星][4y] [PHP] secwiki/webshell This is a webshell open source project
• [18星][2y] [ASP] grcod/poly polymorphic webshells
• [18星][2y] [PHP] incredibleindishell/php-web-shells when i started web application security testing, i fall in love with web shell development and designed some PHP based web shells. This repository contains all my codes which i released in public.
• [17星][4y] [PHP] abcdlzy/webshell-manager 一句话木马管理工具，重复造轮子项目
• [16星][2y] [PHP] the404hacking/b374k-mini PHP Webshell with handy features.
• [15星][2y] [PHP] abdilahrf/kerang Kerang is a Another Webshell Backdoor, For Educational Purposes!
• [15星][5y] [ASP] le4f/aspexec asp命令执行webshell
• [14星][7m] [PHP] tengzhangchao/maskfindshell linux下webshell查杀工具
• [14星][3y] [Py] wangyihang/webshellcracker WebShell密码爆破工具
• [13星][7y] [PHP] lordwolfer/webshells This is a compilation of various shells that I had found in the wild.
• [11星][3y] [PHP] linuxsec/shu-shell Webshell Jumping Edition
• [11星][4y] [JS] maestrano/webshell-server Web based shell with configurable authentication
• [11星][3y] [C#] niemand-sec/razorsyntaxwebshell Webshell for Razor Syntax (C#)
• [10星][2y] [ASP] grcod/webshells php - asp - aspx
• [9星][1y] [PHP] itskindred/php-web-shell A Simple PHP Web Shell used for Remote Code Execution.
• [8星][2y] [C++] euphrat1ca/hatchet cknife（webshell manager）
• [8星][3y] [PHP] magicming200/evil-koala-php-webshell 邪恶考拉php webshell。
• [8星][2y] dubfr33/atlassian-webshell-plugin Webshell plugin that works on any Atlassian product employing their plugin framework
• [7星][8m] [PHP] chrissy-morgan/php-webshell-deobfuscator A Tool written in Python to help de-obfuscate the $GLOBALS type malware.
• [7星][2y] [PHP] josexv1/wso-webshell Copy of WSO-Webshell made by @Hardlinux
• [6星][1y] [PHP] evil7/webshell Some webshell useful like spy udf silic chatroom
• [4星][4y] [PHP] blackhalt/webshells An list of webshell vulnerability injection.
• [4星][12m] [PHP] brianwrf/priwebshell For Webshell downloading
• [4星][2y] [Java] 0x4e0x650x6f/pwn4jshell Java Web shell project
• [3星][4y] [JS] mhelwig/wp-webshell-xss A simple wordpress webshell injector
• [3星][3m] [PHP] tulungagungcyberlink/webshellbackdoor WebShell Backdoor. Use at your own risk.
• [2星][2y] [PHP] blue-bird1/webshell webshell
• [2星][2y] [PHP] thepacketbender/webshells webshells written with malice
• [2星][6m] [Py] cbiu/rsawebshell 主要用于AWD的RSA加密WebShell
• [2星][2y] [Py] mperlet/pomsky lightweight webshell
• [1星][3y] [Py] doyler/rwsh Ray's Web SHell
• [1星][6y] ettack/webshellccl A python script help with webshell bypassing.
• [1星][2y] [C++] pikeman20/webshell
• [1星][2y] [Py] tincho9/webshell-protector A small POC of defense from webshells
• [1星][2y] [Ruby] lolwaleet/rubshell A simple (and ugly) ruby-based webshell.
• [1星][2y] [Py] jubal-r/tinywebshell A small, simple php web shell with an interactive console
• [1星][2y] [Swift] wdg/webshell-builder A WebShell application builder (no use of Xcode)
• [1星][2y] [ASP] badc0d3/webshellcreator Simple Python script to create webshells
• [0星][3y] aaspky/webshell
• [0星][3y] dinamsky/webshell
• [0星][2y] [PHP] kap0k/caidao_encrypt In order to bypass waf, we use a php server, as a proxy, to encrypt the data flow between the China Chopper and the webshell. This tool is just for study and research.
• [0星][4y] [PHP] kuniasahi/mpshell my php webshell
• [0星][3y] tghosth/webshelljar
• [0星][3y] zh3feng/php-webshell-checker PHP-WebShell-Checker

---

Webshell收集

• [22055星][27d] [PHP] danielmiessler/seclists 多种类型资源收集：用户名、密码、URL、敏感数据类型、Fuzzing Payload、WebShell等
• [5181星][24d] [PHP] tennc/webshell webshell收集
• [2307星][30d] [PS] k8gege/k8tools K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
• [1392星][4y] [PHP] johntroony/php-webshells Common php webshells. Do not host the file(s) on your server!
• [682星][3y] [PHP] xl7dev/webshell Webshell && Backdoor Collection
• [428星][1y] [PHP] ysrc/webshell-sample 收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。
• [369星][1m] [PHP] blackarch/webshells Various webshells. We accept pull requests for additions to this collection.
• [289星][13d] [Java] mr-xn/penetration_testing_poc 渗透测试有关的POC、EXP、脚本、提权、小工具等
• [244星][3y] [PHP] tdifg/webshell WebShell Collect
• [156星][2y] [ASP] testsecer/webshell 这是一个WebShell收集项目
• [150星][2y] [Py] vduddu/malware Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
• [145星][3y] [PHP] webshellpub/awsome-webshell webshell样本大合集。收集各种webshell用于webshell分析与发现
• [50星][3y] 0xhjk/caidao **菜刀及其衍生版本的Webshell管理工具收集
• [48星][2y] [PHP] backlion/webshell 这是一些常用的webshell
• [37星][4m] [PHP] x-o-r-r-o/php-webshells-collection Most Wanted Private and Public PHP Web Shells Can Be Downloaded Here. (Educational Purpose Only)
• [23星][3y] [PHP] 3xp10it/xwebshell 免杀webshell集合
• [23星][2y] [PHP] xiaoxiaoleo/xiao-webshell a collection of webshell
• [7星][3y] [Py] shewey/webshell 各种漏洞PoC、ExP的收集或编写
• [4星][3m] [PHP] suryamaulana/webshellbackdoor WebShell Backdoor Collection.
• [1星][2y] [PHP] 12345bt/webshell webshell收集项目

---

Webshell管理

• [310星][9m] [Py] wangyihang/webshell-sniper webshell管理器，命令行工具
• [232星][5y] [PHP] smaash/quasibot complex webshell manager, quasi-http botnet.
• [50星][3m] [C#] guillac/wsmanager Webshell Manager

---

Webshell检测

• [637星][4y] [PHP] emposha/php-shell-detector a php script that helps you find and identify php/cgi(perl)/asp/aspx shells.
• [501星][8m] [ASP] landgrey/webshell-detect-bypass 绕过专业工具检测的Webshell研究文章和免杀的Webshell
• [298星][4y] [Py] emposha/shell-detector a application that helps you find and identify php/cgi(perl)/asp/aspx shells.
• [189星][1y] [Py] he1m4n6a/findwebshell 基于python开发的webshell检测工具。
• [106星][3y] [Py] lingerhk/fshell 基于机器学习的分布式webshell检测系统
• [92星][2y] [Py] lcatro/webshell-detect-by-machine-learning 使用机器学习识别WebShell
• [85星][2y] [Py] hi-wenr0/mlcheckwebshell 机器学习检测Webshell
• [33星][3y] [Py] jkkj93/mint-webshell-defender 薄荷WEBSHELL防御系统，是一款WEBSHELL查杀/防御软件，采用PYTHON编写
• [33星][2y] [Java] mindawei/aliyun-safe-match Webshell和钓鱼网站检测（阿里云安全算法挑战赛 第29名）
• [21星][6m] [Py] manhnho/shellsum A defense tool - detect web shells in local directories via md5sum
• [15星][5m] [Java] wh1t3p1g/monitorclient 网站实时监控文件变动及webshell检测查杀工具
• [12星][2y] [Py] mylamour/oops-webshell Oops, It's funny to detect a webshell. Temporarily not maintained
• [10星][4y] [PHP] k0u5uk3/obfuscated-php-webshell-detector obfuscated-php-webshell-detector - Detect PHP Webshell in obfusucation
• [10星][7m] [PHP] th1k404/unishell A piece of php webshell which are using khmer unicode and yak obfuscator to be undetectable and silently.
• [8星][2y] [Py] mrfk/webshellcheck Webshell Detection Based on Deep Learning
• [8星][7m] [YARA] mxi4oyu/riskdetect 恶意软件以及webshell检测
• [7星][2y] [Py] grayddq/codeinspect 以代码发布的方式，从根本上实现WEBShell、网马或恶意链接等安全方面的检测。
• [2星][2y] [Py] zhl2008/webshell_detector webshell detector for iqiyi
• [1星][2y] [Py] zhl2008/webshell_detector_haozi

---

Webshell扫描

• [99星][3y] [Py] ym2011/scanbackdoor Webshell扫描工具，通过各种规则和算法实现服务器脚本后门查杀
• [46星][2y] [Py] erevus-cn/scan_webshell 很简单的webshell扫描
• [46星][4y] [Py] secwiki/scaing-backdoor 新一代Webshell扫描工具
• [31星][5y] [Py] jofpin/fuckshell Simple Webshell Scanner
• [31星][2y] ysrc/shelldaddy 跨平台 webshell 静态扫描器
• [10星][17d] [PHP] cvar1984/sqlscan Quick SQL Scanner, Dorker, Webshell injector PHP
• [4星][6y] followboy1999/webshell-scanner The Web Shell Scanner
• [2星][3y] [Py] junyu1991/webshellscanner A jsp webshell scanner,based on regex .

---

其他

• [33星][3m] [JS] medicean/superterm 利用 webshell 创建交互式终端
• [4星][1y] [Py] jincon/killshell a webshell Killer write by python

文章

---

新添加

• 2019.12 [freebuf] 冰蝎动态二进制加密WebShell基于流量侧检测方案
• 2019.11 [aliyun] 绕过WebShell检测的总结之文件免杀
• 2019.10 [aliyun] 记一次webshell的获取
• 2019.10 [aliyun] 红蓝对抗——加密Webshell“冰蝎”攻防
• 2019.10 [nsfocus] 冰蝎动态二进制加密WebShell的检测
• 2019.09 [hackingarticles] Web Shells Penetration Testing
• 2019.09 [freebuf] 冰蝎动态二进制加密WebShell特征分析
• 2019.08 [aliyun] 基于机器学习的jsp/jspx webshell检测
• 2019.08 [aliyun] 基于AST的Webshell检测
• 2019.07 [aliyun] 一道题回顾php异或webshell
• 2019.06 [aliyun] PHP Webshell下绕过disable_function的方法
• 2019.05 [detectify] How-to Tutorial: PHP Webshell De-Obfuscation
• 2019.05 [detectify] Investigation of PHP Web Shell Hexedglobals.3793 Variants
• 2019.05 [aliyun] 对于asp免杀webshell的一些总结
• 2019.05 [aliyun] 对于php免杀webshell的一些总结
• 2019.05 [freebuf] 聊聊安全测试中如何快速搞定Webshell
• 2019.04 [360] Machine Learning Recognition of WebShell
• 2019.04 [secvul] 权限维持 - 如何优雅的隐藏你的Webshell
• 2019.03 [freebuf] SharPyShell：用于C# Web应用程序的小型混淆版WebShell
• 2019.02 [rsa] Web Shells and RSA NetWitness Part 3
• 2019.02 [freebuf] 通过Webshell远程导出域控ntds.dit的方法
• 2019.02 [rsa] Web Shells and NetWitness Part 2
• 2019.02 [rsa] Web Shells and RSA NetWitness
• 2019.01 [aliyun] 过D盾webshell分享
• 2019.01 [sans] Closing the Door on Web Shells
• 2019.01 [sans] Hunting Webshells on Microsoft Exchange Server
• 2019.01 [sans] Hunting Webshells: Tracking TwoFace
• 2018.12 [valeriyshevchenko] From basic User to full right Admin access on the server (via XSS, LFI, WebShell)
• 2018.12 [aliyun] 通过webshell导出域控ntds.dit文件
• 2018.11 [freebuf] 一次编码WebShell bypass D盾的分析尝试
• 2018.09 [freebuf] Webshell入侵检测初探（一）
• 2018.08 [aliyun] 利用tomcat的JMX端口上传webshell
• 2018.08 [nsfocus] 【事件分析】No.9 潘多拉魔盒般的Webshell上传
• 2018.08 [360] 利用php自包含特性上传webshell
• 2018.07 [4hou] 错误页面中隐藏webshell的*思路
• 2018.07 [mazinahmed] Creating an Emojis PHP WebShell
• 2018.06 [aliyun] 正面绕过Xyntax 大佬用机器学习实现的PHP WEBSHELL检测
• 2018.06 [freebuf] 不包含数字字母的WebShell
• 2018.05 [freebuf] 利用“进程注入”实现无文件复活 WebShell
• 2018.04 [mitchmoser] Stapler pt. 2 — Webshells & Cronjobs
• 2018.04 [ironcastle] Webshell looking for interesting files, (Wed, Apr 18th)
• 2018.03 [aliyun] PHP反序列化漏洞与Webshell
• 2018.02 [360] 通过PHP扩展实现Webshell识别（一）
• 2018.02 [360] 一类混淆变形的Webshell分析
• 2018.02 [freebuf] TinyShop缓存文件获取WebShell之0day
• 2018.02 [venus] 初探机器学习检测 PHP Webshell
• 2018.02 [aliyun] 深度学习PHP webshell查杀引擎demo
• 2017.12 [freebuf] 一个比较好玩的WebShell上传检测绕过案例
• 2017.12 [freebuf] PHP WebShell变形技术总结
• 2017.12 [] 维持访问 WebShell
• 2017.09 [sans] Another webshell, another backdoor!
• 2017.09 [secist] 从getwebshell到绕过安全狗云锁提权再到利用matasploit进服务器
• 2017.09 [polaris] 利用sklearn检测webshell
• 2017.09 [freebuf] 挖洞经验 | 把PHP LFI漏洞变成Webshell的思路
• 2017.08 [secist] 我与网站的日常-webshell命令执行
• 2017.07 [paloaltonetworks] TwoFace Webshell: Persistent Access Point for Lateral
• 2017.07 [securityriskadvisors] A Smaller, Better JSP Web Shell
• 2017.07 [freebuf] 通过非数字和字符的方式实现PHP WebShell
• 2017.06 [aliyun] 如何优雅的维持一个Webshell
• 2017.05 [fuping] MSSQL DBA权限获取WEBSHELL的过程
• 2017.05 [aliyun] sa权限获取webshell思路
• 2017.05 [antonioparata] Hiding PHP Webshell in an effective way
• 2017.05 [evi1cg] Xsl Exec Webshell (aspx)
• 2017.05 [crowdstrike] How to Detect and Prevent Fileless Webshell Attacks with Falcon
• 2017.05 [niemand] From 404 and default pages to RCE via .cshtml webshell
• 2017.04 [freebuf] Webshell密码极速爆破工具 – cheetah
• 2017.04 [freebuf] Python安全运维实战：针对几种特定隐藏方式的Webshell查杀
• 2017.04 [rsa] From SQL Injection to WebShell
• 2017.03 [trustwave] Authentication and Encryption in PAS Web Shell Variant
• 2017.03 [freebuf] 一款好用的php webshell检测工具
• 2017.02 [secist] 一些不包含数字和字母的webshell
• 2017.02 [hackingarticles] Webshell to Meterpreter
• 2017.02 [hackingarticles] Web Shells Penetration Testing (Beginner Guide)
• 2017.02 [8090] 关于一句话webshell的隐藏(建议)
• 2017.01 [freebuf] 绕过网站安全狗拦截，上传Webshell技巧总结（附免杀PHP一句话）
• 2017.01 [secvul] 偶遇WEBSHELL老套路
• 2017.01 [4hou] 如何全面防御Webshell（下）？
• 2016.12 [4hou] 如何全面防御Webshell（上）？
• 2016.12 [trustwave] Raiding the Piggy Bank: Webshell Secrets Revealed
• 2016.12 [sevagas] TVT DVR/CCTV webshell exploit
• 2016.12 [rapid7] Web Shells 101: Detection and Prevention
• 2016.12 [aliyun] Tomcat、Weblogic、JBoss、GlassFish、Resin、Websphere弱口令及拿webshell方法总结
• 2016.12 [8090] php webshell分析和绕过waf技巧
• 2016.12 [360] php webshell分析和绕过waf技巧
• 2016.12 [dfir] Webshells: Rise of the Defenders (Part 4)
• 2016.11 [] Winmail最新直达webshell 0day漏洞挖掘实录
• 2016.11 [securityintelligence] Ninety-Five Percent of Webshell Attacks Written in PHP
• 2016.11 [freebuf] **最大的Webshell后门箱子调查，所有公开大马全军覆没
• 2016.10 [threatexpress] Web shells as a covert channel – SubShell & TinyShell
• 2016.09 [venus] 渗透攻防 - 千变万化的WebShell
• 2016.08 [vanimpe] Exploring webshells on a WordPress site
• 2016.07 [freebuf] **新型Web Shell “菜刀-Cknife”遭国外安全公司曝光
• 2016.07 [360] ​分析Cknife,一个类似China Chopper的webshell管理工具（第二部分）
• 2016.07 [sans] The Power of Web Shells
• 2016.07 [securityintelligence] The Webshell Game Continues
• 2016.07 [dfir] Webshells - Every Time the Same Story…(Part 3)
• 2016.07 [acunetix] Web Shells in Action – Introduction to Web-Shells – Part 4
• 2016.06 [acunetix] Keeping web shells under cover – An Introduction to Web Shells – Part 3
• 2016.06 [acunetix] Web-shells 101 using PHP – Introduction to Web Shells – Part 2
• 2016.06 [safebuff] Bypass imagecopyresampled and imagecopyresized generate PHP Webshell
• 2016.06 [fidelissecurity] Understanding the Web Shell Game
• 2016.06 [freebuf] 利用PHP 7中的OPcache来实现Webshell
• 2016.05 [freebuf] 看我如何绕过一个Webshell认证
• 2016.05 [sec] 从“TI（威胁情报）”到“IR（事件响应）”：从webshell的安全说开
• 2016.05 [sec] 威胁捕捉：推出针对webshell的“一手”情报feed
• 2016.05 [sec] 基于恶意行为的专项威胁情报Feed之：webshell-feed
• 2016.05 [] 利用 Java Binary Webshell 对抗静态检测
• 2016.05 [tencent] 利用 Java Binary Webshell 对抗静态检测
• 2016.04 [360] 利用PHP 7中的OPcache来实现Webshell
• 2016.04 [sec] 威胁情报Feed：Webshell之常用“路径&名字”字典
• 2016.04 [freebuf] C99 php webshell攻击加剧，大量WordPress站点遭受威胁
• 2016.04 [securityintelligence] Got WordPress? PHP C99 Webshell Attacks Increasing
• 2016.04 [sec] 由Webshell溯源攻击者的入侵途径
• 2016.03 [rsa] Detecting and Investigating Webshells – Another Reason for Deepening Your Security Visibility
• 2016.03 [sec] 线索、挖掘、预警—基于威胁情报的一起Webshell的安全分析
• 2016.03 [doyler] Introducing RWSH – Ray’s Web SHell
• 2016.03 [sec] webshell的隐藏、伪装技巧
• 2016.03 [caceriadespammers] Web Shell Detector
• 2016.03 [] Webshell清除-解决驱动级文件隐藏挂马
• 2016.03 [] 有趣的小技巧，Webshell的克星
• 2016.01 [dfir] Webshells - Every Time the Same Story…(Part 2)
• 2016.01 [rsa] Hunting Webshells with RSA ECAT
• 2016.01 [sec] Metasploit Webshell初探
• 2015.12 [] Webshell安全检测篇（2）-深入用户的内心
• 2015.12 [] Webshell安全检测篇（1）-基于流量的检测方式
• 2015.12 [] Webshell安全检测篇（3）-基于行为分析来发现“未知的Webshell”
• 2015.12 [] Webshell安全检测篇（4）-基于流量的Webshell分析样例
• 2015.12 [] Webshell系列（5）- webshell之“看见”的能力分析
• 2015.12 [sec] 结合威胁情报的Webshell事件处理谈（2）–攻击者画像与机读IOC
• 2015.12 [sec] 如何检测隐藏的Webshell（三） Weevely.img
• 2015.12 [toolswatch] [New Tool] quasiBot v0.3 Beta Complex Webshell Manager
• 2015.12 [] webshell检测－日志分析
• 2015.12 [sec] 高隐藏性webshell分析：Weevely 3.2 Backdoor流量特征（一）
• 2015.12 [sec] Webshell安全检测（3）： WeBaCoo网站后门特征分析
• 2015.12 [sec] Webshell安全检测（4）:Weevely 样本后门特征分析
• 2015.12 [sec] 机读IOC文件下载–结合情报的Webshell分析
• 2015.12 [sec] 结合威胁情报的Webshell事件处理谈（1）–结合kill chain的攻击还原
• 2015.11 [sec] Webshell系列（5）- webshell之“看见”的能力分析
• 2015.11 [sec] Webshell安全检测篇（4）-基于流量的Webshell分析样例
• 2015.11 [] DZ6.x的UC_KEY getwebshell exploit
• 2015.11 [checkpoint] Check Point Threat Alert: Web Shells
• 2015.11 [sec] Webshell安全检测篇（3）-基于行为分析来发现“未知的Webshell”
• 2015.11 [ironcastle] TA15-314A: Compromised Web Servers and Web Shells – Threat Awareness and Guidance
• 2015.11 [sec] Webshell安全检测篇（2）-深入用户的内心
• 2015.11 [sec] Webshell安全检测篇（1）-基于流量的检测方式
• 2015.10 [freebuf] B374K PHP WEBSHELL：一款简单却功能强大的远程管理工具
• 2015.09 [evi1cg] Linux查webshell
• 2015.08 [] APT时代-窃密型WebShell检测方法的思考
• 2015.08 [dfir] Webshells - Every Time the Same Purpose, Every Time a Different Story… (Part 1)
• 2015.07 [freebuf] 窃密型WebShell检测方法
• 2015.07 [n0where] Stealthy PHP Web Shell Backdoor: Weevely
• 2015.06 [sec] APT时代-窃密型WebShell检测方法的思考
• 2015.05 [] MS15-051 修正版Exploit(Webshell可用)
• 2015.05 [] 另类Webshell：Xml Shell简介
• 2015.03 [crowdstrike] Chopping packets: Decoding China Chopper Web shell traffic over SSL
• 2015.02 [vxsecurity] [ Technical Teardown: PHP WebShell ]
• 2015.02 [freebuf] 技术分享：如何在PNG图片的IDAT CHUNKS中插入Webshell
• 2015.01 [s1gnalcha0s] SSJS Web Shell Injection
• 2015.01 [securityblog] A quick and dirty php web shell
• 2014.12 [freebuf] ModSecurity技巧：使用ssdeep检测Webshell
• 2014.12 [freebuf] 批量Webshell管理工具QuasiBot之后门代码分析
• 2014.12 [n0tr00t] 批量 Webshell 管理工具 QuasiBot 之后门代码分析
• 2014.12 [] 用Webshell直接杀入内网
• 2014.11 [] Webshell实现与隐藏探究
• 2014.09 [room362] OSX Persistence via PHP Webshell ·
• 2014.08 [3xp10it] 隐藏webshell的几条建议
• 2014.08 [3xp10it] 一句话webshell客户端脱库
• 2014.08 [3xp10it] unserialize免杀webshell
• 2014.08 [3xp10it] php中&引用免杀webshell
• 2014.08 [3xp10it] 自动测试上传功能是否可上传webshell
• 2014.08 [3xp10it] 自动测试上传功能是否可上传webshell
• 2014.08 [3xp10it] unserialize免杀webshell
• 2014.08 [3xp10it] php中&引用免杀webshell
• 2014.08 [3xp10it] 一句话webshell客户端脱库
• 2014.08 [3xp10it] 隐藏webshell的几条建议
• 2014.08 [n0where] php-webshells
• 2014.08 [freebuf] 揭秘渗透测试利器：Webshell批量管理工具QuasiBot
• 2014.08 [] PHPCMS后台低权限拿webSHELL
• 2014.06 [freebuf] 用搜索神器Everything定位Webshell木马后门
• 2014.06 [toolswatch] [New Tool] Antak WebShell – PowerShell Console Released
• 2014.05 [] 科讯KESION CMS最新版任意文件上传WEBSHELL
• 2014.04 [] [投稿]Webshell下命令执行限制及绕过方法
• 2014.04 [netspi] Executing MSF Payloads via PowerShell Webshellery
• 2014.04 [] [投稿]Webshell 远程提权
• 2014.03 [webroot] Commercial Windows-based compromised Web shells management application spotted in the wild – part two
• 2014.02 [crowdstrike] Mo’ Shells Mo’ Problems – Deep Panda Web Shells
• 2014.01 [freebuf] 浅谈webshell检测方法
• 2013.12 [webroot] Commercial Windows-based compromised Web shells management application spotted in the wild
• 2013.12 [freebuf] 《一个路径牵出连环血案》之三“向玩webshell的黑客钓鱼”（连载）
• 2013.11 [imperva] Threat Advisory: A JBoss AS Exploit, Web Shell code Injection.
• 2013.10 [] 最新一种过安全狗的webshell
• 2013.10 [] php LFI读php文件源码以及直接post webshell
• 2013.10 [trustwave] Hiding Webshell Backdoor Code in Image Files
• 2013.10 [] 齐博CMS GETWEBSHELL 0day
• 2013.08 [] Webshell过安全狗的几种技巧[附特征免杀法]
• 2013.08 [] 高版本正方教务系统上传后缀过滤不严导致能直接上传Webshell
• 2013.08 [] PJ博客批量可以获取webshell
• 2013.08 [] 用ZendGuard 加密php webshell
• 2013.07 [] 打破MS13-046不能webshell执行问题
• 2013.06 [trustwave] [Honeypot Alert] Inside the Attacker's Toolbox: Webshell Usage Logging
• 2013.05 [tencent] 浅谈变形PHP WEBSHELL检测
• 2013.05 [forcepoint] WebShells WebShells on the Web Server
• 2013.04 [netspi] Adding PowerShell to Web Shells to get Database Access
• 2013.04 [freebuf] 查找phpwebshell小工具
• 2013.03 [] 旁注虚拟主机IIS权限重分配跨目录得webshell
• 2013.03 [freebuf] 分离Weevely加密模块加密任意WebShell
• 2013.03 [] 解决Win下MySQL root导出Webshell换行符问题
• 2013.02 [] siteserver后台getwebshell 8种方法
• 2013.01 [freebuf] Metasploit之使用socket通信的webshell简单分析
• 2013.01 [] 解密php webshell后门
• 2012.12 [] Siteserver cms后台拿webshell另一种方法
• 2012.11 [freebuf] 反向Web Shell处理工具-Shell of the Future
• 2012.10 [freebuf] [笔记]PHP一句话Webshell变形总结
• 2012.10 [] 利用社工绕道突破安全狗直取webshell
• 2012.09 [] 帝国cms最新版本后台拿webshell方法
• 2012.08 [] [挖0day]羊驼CMS 注入及getwebshell
• 2012.08 [toolswatch] Web Shell Detector v1.62 – The Shell Scanner
• 2012.07 [] ShyPost企业网站管理系统V4.3注入XSS漏洞及后台拿webshell
• 2012.07 [] 直接给asp防注入getwebshell
• 2012.06 [freebuf] Webshell代码检测背后的数学应用
• 2012.06 [freebuf] 利用grep查找webshell
• 2012.06 [freebuf] Webshell扫描工具WebShellDetector V1.51
• 2012.06 [talosintelligence] Web Shell Poses As A GIF
• 2012.06 [idontplaydarts] Encoding Web Shells in PNG IDAT chunks
• 2012.05 [freebuf] 配置Apache防止webshell上传
• 2012.05 [] SiteEngine 7.1 会员上传漏洞拿WEBSHELL
• 2012.05 [] 91736cms Getip SQL Injection & 后台妙拿 WebShell
• 2011.11 [] WebShell的检测技术
• 2011.09 [] 突破VirtualWall上传webshell
• 2011.09 [toolswatch] XCode SQLi/LFI/XSS and Webshell Scanning tool
• 2011.08 [] access 导出webshell
• 2011.08 [] Webshell下命令行跨站

贡献

内容为系统自动导出, 有任何问题请提issue