The invention belongs to the technical field of network space security, and discloses a webshell detection method and system based on a weighted fuzzy hash algorithm. A file to be detected is fragmented, the hash and weight of each fragment are solved, the weight is given to each fragment, the core fragment with the danger function is provided with a large weight, the information entropy of each fragment is considered at the same time, and the larger the information entropy value is, the smaller the given weight is; the hash of each fragment is spliced into a fuzzy hash string, and a total weight value is calculated to obtain a weighted fuzzy hash value; and the weighted fuzzy hash value of the to-be-detected file is compared with the weighted fuzzy hash value of each webshell pre-stored in the fingerprint database in sequence. Compared with a traditional fuzzy Hash algorithm, the method can effectively adapt to the situation that the size of a detected object changes greatly, has goodadaptability, greatly improves the detection accuracy of a variety sample, and improves the anti-interference performance.