“My web server is acting up strange, could you take a look?”

Recently, I’ve been tasked with several web server investigation engagements.

Having detected and removed many webshells and other malicious files, I’ve noticed that several simple techniques consistently prove themselves to be of value across many different environments and servers.

Today, I‘m starting this series of articles, sharing with you some of the techniques and tips that I often find valuable.

This is an introductory level article to the topic of webshell detection, I will include several references and recommendations to more advanced topics and techniques at the end…

Uri Fleyder-Kotler

+12 years of experience in Cybersecurity with 6 approved patents in the US. I dream about a safer world. A world where cyber attacks are no longer a threat.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store