“My web server is acting up strange, could you take a look?”
Recently, I’ve been tasked with several web server investigation engagements.
Having detected and removed many webshells and other malicious files, I’ve noticed that several simple techniques consistently prove themselves to be of value across many different environments and servers.
Today, I‘m starting this series of articles, sharing with you some of the techniques and tips that I often find valuable.
This is an introductory level article to the topic of webshell detection, I will include several references and recommendations to more advanced topics and techniques at the end…
+12 years of experience in Cybersecurity with 6 approved patents in the US. I dream about a safer world. A world where cyber attacks are no longer a threat.