Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Web Shell

Training Camp • Cybersecurity Glossary

What is Web Shell?

A web shell is a malicious server script giving attackers browser-based remote command execution and persistent backdoor access to a web server.

Glossary > Threats, Malware & Attacks > Web Shell

Understanding Web Shell

A web shell is a malicious script uploaded to a web server that gives an attacker remote command execution and persistent access through a browser or HTTP client. Written in languages such as PHP, ASP, JSP, or ASPX, web shells are commonly planted by exploiting file-upload flaws, unpatched vulnerabilities, or stolen credentials. They serve as backdoors for data theft, lateral movement, and further payload delivery, and are detected by monitoring for anomalous server-side files and outbound activity.

Learn More About Web Shell:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →