خوب شناسایی وب شل از اون چیزهایی که تو دورهای بلو تیم میگن خیلی سخت تره 😂 من ابزار خوب ندیدم ولی ابزار shellsweep جهت شناسایی وب شل های.asp aspx asph php jsp.

ShellSweep. A PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. #cybersecurity #infosec #pentesting

I haven't promoted ShellSweep in a moment. I FINALLY staged the blog and it should be going out soon. Forgot what it was? That's ok! In the time you forgot about it, I iterated over the project 2 more times and will have multiple blogs going out! . And yes, there is a Lua

🚀 ShellSweep Update Alert! 🚀. Big thanks to @nas_bench for this 🔥 PR with exciting updates:. 1️⃣ Applied black formatting to Python, Lua, and PowerShell scripts. 🖤.2️⃣ Revamped directory structure with dedicated folders for ShellSweep & ShellSweepPlus. 📂.3️⃣ Added a Python

Ghost in the Web Shell: Introducing ShellSweep

ShellSweep es una herramienta PowerShell/ Python/ Lua para detectar potenciales archivos webshell.

🤓 Been geeking out on this and I think it's a prime time to share. Still adding some features before the grand release for both #ShellSweep and #ShellSweepML. 🌟 Checkout this StreamLit App for #ShellSweepML:. 🔄 Feedback loop built-in: allows for correcting false negatives and

Come hang out and see some fresh ShellSweep tomorrow on #AtomicsonaFriday- going to nerd on some web shells and some other things I'm sure!.

شناسایی وب شل با shellsweep.

Another addition to the ShellSweep collection? Heck yes. The Splunk Threat Research Team is back with ShellSweepX, giving you more insights on how incident responders can take hunting web shells to the next level. Catch it on #SplunkBlogs: #SplunkSecurity

The stealthy nature of web shells poses a substantial threat to server and system security. Enter: ShellSweep. 🐚 Head to #SplunkBlogs to learn more about this suite of utilities designed to detect and combat malicious web shells: #SplunkSecurity

Hold up - A new version of ShellSweep is coming soon! 🚀 I've got to hype that up, don't I?. It's packed with more math and magic✨. Gone are the days of hardcoded entropy values; it's all wizardry now. 🎩 Generating entropy values on-the-fly and blending them with standard

⚔️ 🛡️Ran the samples through . CVE-2025-53770 fun. 🤩. Entropy/stdev of these would fire on base ShellSweep runs. Easy stuff to catch.

If you've been following along, like almost a year (lol), I'm finally getting back to releasing the next iteration of ShellSweep - titled:. ShellSweepPlus: To (S)hell and Back. Yes, for the Lua fans out there, a new version will be released as well! . 🔜

🚀 ShellSweep: Detecting Web Shells Made Easy for Defenders 🚀 . 🐚 What is ShellSweep?.ShellSweep is a suite of open-source tools designed to **detect web shells** using entropy analysis, static code checks, and heuristic methods. From incident response to threat hunting,

Ghost in the Web Shell: Introducing ShellSweep

Loving this discussion at the #BHUSA @splunk booth on ShellSweep, a webshell hunting tool. The developer walked through how they used ChatGPT to write it and is even releasing all the prompts used for developing and refining the tool. This is solid gold for threat hunters. #ad

Ghost in the Web Shell: Introducing ShellSweep

I also created a VT Collection of the shells I've been working with. This is all the hashes I collected - 2769 total. Entropy distribution also aligns very well with some of the values originally used with #ShellSweep. Just more hype! Release soon ™️

Not sure we're done with the ShellSweep saga. but yeah - PSWA. 🔥