Web Shells are malicious web applications used for remote access and. They've been used in many of the recent prominent breaches/vulnerabilities including Equifax, SolarWinds, and ProxyLogon and are used by APTs and other threats. With ProxyLogon, the FBI was authorized to remove them from victim machines.
This session will help you avoid telling your employer that the FBI is now doing volunteer admin work by teaching you about Web Shells, how to hunt for them, and doing hands-on hunting in a VM. A little groundwork goes a long way and this class will show what to do.
Principal Security Engineer and Practitioner of Other Duties as Assigned
Joe Schottman is an application security focused security professional with experience including web app development and purple team engagements. He has spoken at conferences on threat hunting, web shells, purple teams, and more.