anonymously reverse shell over onion network using hidden services without portfortwarding Explore the docs fully undetectable reverse shell · View Demo · bulletproof anonymity If you are having any operating system compatiblity issue, let me know. I will try to fix as soon as possible so let’s explore the docs. What is tornado? TornadoRead More
A Swiss Army Knife for Zsh – Unix Shell. Roadmap See the open issues for a list of proposed features (and known issues). Top Feature Requests (Add your votes using the reaction) Top issues (Add your votes using the reaction) Newest issues Contributing First off, thanks for taking the time to contribute! ContributionsRead More
Golang reverse/bind shell generator. Description This tool generates a Go binary that launches a shell of the desired type on the targeted host. The shell binary can be compiled for multiple platforms, supports partial polymorphism (unique functions’ names) and can use UDP protocol instead of the default TCP. If you send a DELETE command overRead More
In Linux in order to run a program it must exist as a file, it must be accessible in some way through the file system hierarchy (this is just how execve() works). This file may reside on disk or in ram (tmpfs, memfd) but you need a filepath. This has made very easy to controlRead More
presshell Quick & dirty WordPress Command Execution Shell. Execute shell commands on your wordpress server. Uploaded shell will probably be at <your-host>/wp-content/plugins/shell/shell.php Installation To install the shell, we are assuming you have administrative rights to WordPress and can install plugins since transferring a PHP file to the media library shouldn’t work anyway. Otherwise, you haveRead More
This repository contains a small tool inherited from ldap_shell (https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldap_shell.py). Installation These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to go: git clone https://github.com/z-Riocool/ldap_shell.gitcd ldap_shellpython3 setup.py install Usage Connection options ldap_shell domain.local/user:passwordldap_shell domain.local/user:password -dc-ip 192.168.1.2ldap_shell domain.local/user -hashes aad3b435b51404eeaad3b435b51404ee:aad3b435b51404eeaad3b435b51404e1export KRB5CCNAME=/home/user/ticket.ccacheldap_shell -k -no-pass domain.local/userRead More
A low-dependency command-line tool for generating reverse shell payloads on the fly. Description LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shell payloads on the fly. The reverse shell payloads that LAZYPARIAH supportsRead More
JATAYU Stealthy Stand Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy USAGE GET /test/jatayu.php?fn=1&&cmd=whoamiHost : http://test.comAuthtoken : bb3b1a1f-0447-42a6-955a-88681fb88499 FUNCTIONS PARAMETER FUNCTION fn=1 Calls function shell_exec() fn=2 Calls function system() cmd=id Executes command GENERATE AUTHTOKEN <?php$r = unpack(‘v*’, fread(fopen(‘/dev/random’, ‘r’),16));$apiKey = sprintf(‘%04x%04x-%04x-%04x-%04x-%04x%04x%04x’, $r[1], $r[2], $r[3], $r[4] & 0x0fffRead More
A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the bypass, I have found injecting the binary into memory using PowerShell as the most effective method. Purpose To generate a .Net binary containing base64 encoded, AES encrypted shellcode that will execute on a Windows target,Read More
Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscript A collection of Onion Services features implemented for Unix-like systems following the Portable Operating System Interface standard. WARNING: do not trust this repo yet, backup your hs keys in another location. This project has not been released and should be considered forRead More
