Sharing of several common webshell detection tools

Webshell detection tools can help us discover webshells and further investigate possible security vulnerabilities in the system.

This article recommends 10 Webshll detection tools for website intrusion troubleshooting. Of course, many host security products currently on the market also provide this WebShell detection capability, which will not be introduced here.

1. D Shield_Web Killer

Produced by Ah D, it uses a self-developed code analysis engine regardless of extensions, which can analyze more hidden WebShell backdoor behaviors.

Compatibility: Windows version only.

Tool download address:

http://www.d99net.net/down/WebShellKill_V2.0.9.zip

2. Baidu WEBDIR

The next generation WebShell detection engine uses advanced dynamic monitoring technology, combined with Zero-rule killing of multiple engines.

Compatibility: Provides online Trojan killing, free open API supports batch detection.

Online checking and killing address:

https://scanner.baidu.com/

3. Hippo

focuses on webshell checking and killing research, with a large number of webshell samples and independent checking and killing technology, using traditional features of cloud big data dual-engine scanning and killing technology. The killing speed is fast, the accuracy is high, and the false positives are low.

Compatibility: Supports Windows, Linux, and online scanning.

Official website:

https://www.shellpub.com/

4. Web Shell Detector

Webshell Detector has a "Webshell" signature database that helps identify up to 99 % of "webshell".

Compatibility: Provides php/python scripts for cross-platform and online detection.

Official website:

http://www.shelldetector.com/

github project address:

https://github.com/emposha/PHP-Shell-Detector

5. CloudWalker (Muyun)

No Completely, what is currently released is a command line version of the Webshell detection tool called, and the open source project has stopped updating.

Compatibility, Linux version is provided, Windows is not supported yet.

Online killing demo:

https://webshellchop.chaitin.cn/

github project address:

https://github.com/chaitin/cloudwalker

6. Deep learning model detection PHP Webshell

A deep learning PHP webshell killing engine demo, providing online sample detection.

Online checking address:

http://webshell.cdxy.me/

7. PHP Malware Finder

PHP-malware-finder is an excellent detection webshell Tool to obfuscate code with malware

Compatibility: Linux version is available, Windows is not supported yet.

github project address:

https://github.com/jvoisin/php-malware-finder

8. findWebshell

This project is a webshell checking tool developed based on python. Pattern matching checks for any type of webshell backdoor.

github project address:

https://github.com/he1m4n6a/findWebshell

9. Online webshell checking and killing tool

Online checking and killing address:

http://tools.bugscaner.com/killwebshell/

Recommended tutorial: Web server security

The above is the detailed content of Sharing of several common webshell detection tools. For more information, please follow other related articles on the PHP Chinese website!