de | en


Check suspicious PHP files now quickly and reliably for webshells!
nimbusec shellray is a free online webshell detector for PHP files.


Result for {{ result.filename }}

Malware detected: {{ result.threatname }}!

No malicous PHP code detected.

{{ result.sha1 }}
{{ result.md5 }}
{{ result.size }} Byte
How to use it?

Upload the suspicious .PHP files.

The PHP file is analysed in our data center.

You receive an evaluation and classification.

The advantages
  • very high recognition performance for webshells
  • check suspicious PHP files online
  • easy, fast and reliable
  • classification for webshells with behaviour classification
  • free service of nimbusec.
What to do if a webshell is detected

Remove the file or replace it with the original CMS.


Recheck your webspace again for malware and webshells.


Change all passwords (SFTP, CMS, database, etc.).


Keep your CMS up to date and sonsult a web security expert.

This is a greatly simplified process. On our blog you will find more initial measures. In many cases it is useful incurring web security experts.

nimbusec checks your web server automatically and regularly for webshells, malware, content and blacklists. Find out now!

FAQ for nimbusec shellray
nimbusec shellray is applicable for PHP files.
PHP files are used primarily for creating dynamic websites and web applications.
The maximum size of the PHP file is 4 MB.
nimbusec shellray is only an information aggregator. It shows you whether your PHP file contains malicious software and/or webshells.

nimbusec shellray does not guarantee evaluation results. See Terms and Conditions.
No. With nimbusec shellray you can only check individual PHP files, which you categorize as suspicious.