Web shell

A script in a web server that a threat actor uses to maintain persistence in a vulnerable or compromised system. Web shells may be used for other malicious functions by executing attacker input, or used simply as a backdoor. They can be installed on a system by exploiting vulnerabilities. They can be written in any scripting language as long as the web server supports it, though they are commonly written in web development languages such as PHP.

Back to glossary

Get the latest news and insights delivered to your inbox.

Interested to see top news from Flashpoint hit your inbox directly? Subscribe to our newsletter to receive curated content on a regular basis.