Web Shells: The Criminal’s Control Panel

When attackers compromise web servers, they sometimes install web shell programs to maintain remote access to the infected machines. These often include functionalities such as command execution, file management, and to evade detection and analysis. In this talk, Hao will discuss the role that web shells play in cybercrime, demonstrate real-world web shells that Netcraft encounters, and explain how Netcraft detects and performs countermeasures against web shells.

Hao Liang is a Computer Scientist at Netcraft, and has worked on detection of and countermeasures against web shells, support scam emails and support scam phone numbers. He has worked at Netcraft since graduating from Imperial College London in 2021 with an MEng in Computing, having worked at Netcraft during his third year industrial placement.