Rapid7, Inc.
Identifying web shell applications through file analysis

Abstract:

Methods and systems for identifying malicious applications and, more particularly, to identifying web shell applications. Embodiments described herein rely on machine learning tools to analyze static and dynamic features of a suspected file to determine whether the file is a web shell application.