Webshell

HTTP… For the Good or the Bad

Tonight, I was invited by the OWASP Belgium Chapter (thank you again!) to present “something“. When I accepted the invitation, I did not really have an idea so I decided to compile the findings around my research about webshells. They are common tools used by bad guys: Once they compromized a server, they often install a webshell which is a kind of toolbox or a RAT (“Remote Access Tool”). It’s very interesting to analyze how such interfaces are protected from unauthorized accesses but also the mistakes that are present in their code. This is a very first version and more will come soon!

My slides are available on slideshare.net:

2 comments

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.