---
title: Web Shell
---

## Web Shell

### What is a Web Shell?
A web shell is malware that is uploaded to a web server, and can provide access to files on the server. Most web shells will also allow you to run OS level commands on the server.

### What do Web Shell Do?
You can do quite a few things with web shells depending on its features. You can access databases, exfiltrate data, you can even delete files on server or upload files.

### What does a Web Shells look like?
It can look like .php file or .asp file this about your web server (it can be linux or windows server).

### How do I protect myself against Web Shells?
Stay away from spaghetti code, use a known desing pattern on your projects and espacially be carefull your html upload forms 
filter what you upload on your server and dont trust users.