Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.
Python
Switch branches/tags
Nothing to show
Latest commit 5ac8ab2 Apr 26, 2016 @emposha Merge pull request #13 from rgbivens/patch-1
Update README.md
Permalink
Failed to load latest commit information.
version version 1.1 update Mar 16, 2014
README.md Update README.md Sep 24, 2015
shelldetect.db New shells added Jul 20, 2014
shelldetect.py Merge pull request #20 from hhuseyinpay/master Apr 26, 2016

README.md

Shell Detector

Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.

Shell Detector is released under the MIT License http://www.opensource.org/licenses/mit-license.php

More information and support at http://www.shelldetector.com

Special thanks to "JetBrains" for PyCharm licence!

Detection

Number of known shells: 604

Requirements

Python 2.x

Usage

wget https://raw.github.com/emposha/Shell-Detector/master/shelldetect.py
python shelldetect.py -r True -d ./

Options

  • -d (--directory) - specify directory to scan
  • -e (--extension) - specify file extensions that should be scanned, seperate by comma
  • -l (--linenumbers) - show line number where suspicious function used
  • -r (--remote) - get shells signatures db from github

Changelog

  • 1.1 Full rewrite, preparing for standalone version.

  • 1.0 First version