webshellDc
2022-4-22 15:43:48 Author: github.com

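A webshell usually refers to a tool written in a scripting language such as asp, jsp, php, py or pl for managing a web server; it is also called webadmin. A webshell can upload and download files, view databases and invoke system commands, so it is frequently used by attackers to carry out a series of intrusion operations against servers. It is characterized by high threat and strong stealth.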

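This project collected webshell samples from 160 GitHub projects as malicious (black) samples, and a large number of open-source php, jsp, asp and java projects as benign (white) samples. After deduplication there are 2944 malicious samples and 11945 benign samples. The samples are split into n-grams and turned into feature vectors with CountVectorizer and TfidfTransformer, then trained with a multilayer neural network, XGBoost and naive Bayes respectively. Of these, the MLPClassifier model performed comparatively well.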
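The pipeline described above, as an added scikit-learn example that is not the project's own code. The sample files are constructed, the tokenizer and the 1- to 2-gram range are assumptions (the README does not state its n-gram settings), and naive Bayes stands in for the MLP so the result is deterministic.

```python
from sklearn.feature_extraction.text import CountVectorizer, TfidfTransformer
from sklearn.naive_bayes import MultinomialNB
from sklearn.pipeline import make_pipeline

# Constructed toy samples (not from the project's dataset); label 1 = webshell.
WEBSHELL = [
    "<?php eval($_POST['cmd']); ?>",
    "<?php system($_GET['c']); ?>",
    "<?php assert($_REQUEST['x']); ?>",
    "<?php passthru($_COOKIE['k']); ?>",
]
NORMAL = [
    "<?php echo($config['title']); ?>",
    "<?php print($row['name']); ?>",
    "<?php count($items['all']); ?>",
    "<?php trim($form['email']); ?>",
]


def build_model():
    """n-gram counts -> TF-IDF weights -> classifier, as the README describes."""
    return make_pipeline(
        # Assumption: word and punctuation tokens, unigrams plus bigrams.
        CountVectorizer(token_pattern=r"\w+|[^\w\s]", ngram_range=(1, 2)),
        TfidfTransformer(),
        MultinomialNB(),  # MLPClassifier() or an XGBoost model drops in here
    )


def train(webshell=WEBSHELL, normal=NORMAL):
    """Fit the pipeline on labelled source files."""
    model = build_model()
    model.fit(webshell + normal, [1] * len(webshell) + [0] * len(normal))
    return model


def rates(model, webshell, normal):
    """Return (recall on webshells, false positive rate on normal files)."""
    hits = int(model.predict(webshell).sum())
    false_alarms = int(model.predict(normal).sum())
    return hits / len(webshell), false_alarms / len(normal)


# Held-out constructed files that were not part of the training set.
UNSEEN_WEBSHELL = ["<?php eval($_POST['pw']); ?>", "<?php system($_GET['q']); ?>"]
UNSEEN_NORMAL = ["<?php echo($row['id']); ?>", "<?php trim($form['zip']); ?>"]

if __name__ == "__main__":
    print(rates(train(), UNSEEN_WEBSHELL, UNSEEN_NORMAL))
```

`rates` computes the same two figures the README reports (recall on the malicious set, false positive rate on the benign set), here on files the model did not see during training.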

Usage

Training:
python train.py -n webshelldir (path to the malicious samples) -p normaldir (path to the benign samples) -m mlp (model option)

Testing:
python webshellDc.py

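Training environment

System: macOS 16 GB + python 3.6.3. Execution time: 134s

Run screenshot

Whitelist detection: total scanned: 11945, detected as webshell: 23, detected as normal files: 11922, false positive rate: 0.0019254918375889493

Blacklist detection: total scanned: 2944, detected as webshell: 2925, detected as normal files: 19, recall: 0.993546195652174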

Malicious samples

https://github.com/tennc/webshell
https://github.com/ysrc/webshell-sample https://github.com/xl7dev/WebShell https://github.com/tdifg/WebShell https://github.com/fictivekin/webshell https://github.com/bartblaze/PHP-backdoors https://github.com/malwares/WebShell https://github.com/xypiie/WebShell https://github.com/testsecer/WebShell https://github.com/nbs-system/php-malware-finder https://github.com/BlackArch/webshells https://github.com/tanjiti/webshellSample https://github.com/dotcppfile/DAws https://github.com/theralfbrown/webshell https://github.com/gokyle/webshell https://github.com/sunnyelf/cheetah https://github.com/JohnTroony/php-webshells https://github.com/evilcos/python-webshell https://github.com/lhlsec/webshell https://github.com/shewey/webshell https://github.com/boy-hack/WebshellManager https://github.com/liulongfei/web_shell_bopo https://github.com/Ni7eipr/webshell https://github.com/WangYihang/Webshell-Sniper https://github.com/pm2-hive/pm2-webshell https://github.com/samdark/yii2-webshell https://github.com/b1ueb0y/webshell https://github.com/oneoneplus/webshell https://github.com/zhaojh329/xterminal https://github.com/juanparati/Webshell https://github.com/wofeiwo/webshell-find-tools https://github.com/abcdlzy/webshell-manager https://github.com/alert0/webshellch https://github.com/needle-wang/jweevely https://github.com/tengzhangchao/PyCmd https://github.com/0x73686974/WebShell https://github.com/wonderqs/Blade https://github.com/le4f/aspexec https://github.com/jijinggang/WebShell https://github.com/matiasmenares/Shuffle https://github.com/Skycrab/PySpy https://github.com/huge818/webshell https://github.com/gb-sn/go-webshell https://github.com/BlackHole1/Fastener https://github.com/blackhalt/WebShells https://github.com/tomas1000r/webshell https://github.com/hanzhibin/Webshell https://github.com/decebel/webShell https://github.com/Aviso-hub/Webshell https://github.com/vnhacker1337/Webshell https://github.com/bittorrent3389/Webshell https://github.com/anhday22/WebShell 
https://github.com/buxiaomo/webshell https://github.com/z3robat/webshell https://github.com/n3oism/webshell https://github.com/uuleaf/WebShell https://github.com/onefor1/webshell https://github.com/cunlin-yu/webshell https://github.com/roytest1/webshell https://github.com/backlion/webshell https://github.com/opetrovski/webshell https://github.com/opetrovski/webshell https://github.com/gsmlg/webshell https://github.com/health901/webshell https://github.com/inof8r/WebShell https://github.com/Najones19746/webShell https://github.com/RaspiCar/WebShell https://github.com/health901/webshell https://github.com/dinamsky/WebShell https://github.com/Fay48/WebShell https://github.com/tuz358/webshell https://github.com/shajf/Webshell https://github.com/t17lab/WebShell https://github.com/blacksunwen/webshell https://github.com/webshellarchive/webshellco https://github.com/lolwaleet/Rubshell https://github.com/WhiteWinterWolf/WhiteWinterWolf-php-webshell https://github.com/goodtouch/jruby-webshell https://github.com/maestrano/webshell-server https://github.com/LuciferoO/webshell-collector https://github.com/wangeradd1/myWebShell https://github.com/0xHJK/caidao https://github.com/alintamvanz/1945shell https://github.com/Venen0/vshell https://github.com/lojikil/tinyshell https://github.com/wso-shell/PHP-SHELL-WSO https://github.com/meme-lord/PHPShellBackdoors https://github.com/Learn2Better/51mp3L-Web-Backdoor https://github.com/yuxiaokui/JBoss-Hack https://github.com/SecurityRiskAdvisors/cmd.jsp https://github.com/ddcunningham/crude-shellhunter https://github.com/stormdark/BackdoorPHP https://github.com/vduddu/Malware https://github.com/1oid/BurstPHPshell https://github.com/gokyle/urlshorten_ng https://github.com/rhelsing/trello_osx https://github.com/pfrazee/wsh-grammar https://github.com/x-o-r-r-o/PHP-Webshells-Collection https://github.com/IHA114/WebShell2 https://github.com/WangYihang/WebShellCracker https://github.com/KINGSABRI/WebShellConsole 
https://github.com/jujinesy/webshells.17.03.18 https://github.com/hackzsd/HandyShells https://github.com/mperlet/pomsky https://github.com/cybernoir/bns-php-shell https://github.com/XianThi/rexShell https://github.com/H4CK3RT3CH/php-webshells https://github.com/minisllc/subshell https://github.com/linuxsec/indoxploit-shell https://github.com/kuniasahi/mpshell https://github.com/datasiph0n/MyBB-Shell-Plugin https://github.com/magicming200/evil-koala-php-webshell https://github.com/0xK3v/Simple-WebShell https://github.com/djoq/docker-pm2-webshell https://github.com/SMRUCC/GCModeller.WebShell https://github.com/darknesstiller/WebShells https://github.com/devilscream/remoteshell https://github.com/0verl0ad/gorosaurus https://github.com/grCod/poly https://github.com/cryptobioz/wizhack https://github.com/amwso/docker-webshell https://github.com/William-Hunter/JSP_Webshell https://github.com/yangbaopeng/ashx_webshell https://github.com/webshellpub/awsome-webshell https://github.com/noalh8t/simple-webshell https://github.com/s3cureshell/wso-2.8-web-shell https://github.com/LiamRandall/simpleexec https://github.com/Samorodek/humhub-modules-webshell https://github.com/mwambler/webshell-xpages-ext-lib https://github.com/AVGP/Wesh https://github.com/edibledinos/weevely3-stealth https://github.com/lehins/haskell-webshell https://github.com/guglia001/php-secure-remove https://github.com/gokyle/webshell_tutorial https://github.com/azmanishak/webshell-php https://github.com/andrefernandes/docker-webshell https://github.com/codehz/node-webshell https://github.com/koolshare/merlin-webshell https://github.com/StephaneP/erl-webshell https://github.com/jjjmaracay3/webshells https://github.com/grCod/webshells https://github.com/ian4hu/bootshell https://github.com/Ghostboy-287/wso-webshell https://github.com/xiaoxiaoleo/xiao-webshell https://github.com/alexbires/webshellmanagement https://github.com/codeT/collectWebShell https://github.com/PhilCodeEx/jak3fr0z 
https://github.com/Ettack/WebshellCCL https://github.com/jubal-R/TinyWebShell https://github.com/CaledoniaProject/AxisInvoker https://github.com/theBrianCui/ISSS_webShell https://github.com/webshell/webshell-node-sdk https://github.com/Medicean/AS_BugScan https://github.com/3xp10it/xwebshell https://github.com/niemand-sec/RazorSyntaxWebshell https://github.com/LuciferoO/webshell-collector https://github.com/0verl0ad/HideShell https://github.com/L-codes/oneshellcrack https://github.com/ArchAssault-Project/webshells https://github.com/AndrHacK/andrshell


Source: https://github.com/y35uishere/webshellDc