Web Shell Detector: Find webshell on server
Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and friendly interface.
PHP Shell DetectorFeature
- Protect & Secure
Proctect your servers from hackers. Our signature database that helps to identify “web shell” up to 99% - Super Fast
With modern technologies and latest javascript and css, web shell detector has a light weight and friendly interface. - Support Team
We have a dedicated team that will manually inspect suspicious files. - Simple use
Simple download Web Shell Detector from github. And then upload shelldetect.php and shelldetect.db to your root directory. Open shelldetect.php file in your browser or execute it under command line.
- Manual examination
In case file was indicated as “suspicious” you may submit it to shelldetector.com team to manual examination, after carefull analysis, you will get report. - Settings control
With wide range of settings. You able to create needed behavior. - Requirements – PHP/Python
PHP 5.x, Python 2.x, OpenSSL (only for secure file submission)
Detection
Number of known shells: 604
Installation
Usage
To activate Web Shell Detector:
- Upload shelldetect.php and shelldetect.db to your root directory
- Open shelldetect.php file in your browserExample: http://www.website.com/shelldetect.php
- Use default username & passwordUsername: admin Password: protect
- Inspect all strange files, if some of files look suspicious, send them to http://www.shelldetector.com team. After submitting your file, it will be inspected and if there are any threats, it will be inserted into a “web shell detector” web shells signature database.
- If any web shells found and identified use your ftp/ssh client to remove it from your web server (IMPORTANT: please be careful because some of shells may be integrated into system files!).
Source: PHP-Shell-Detector