An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There’s still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal. Getting Started PleaseRead More
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be manually interpreted for risk to your specific organization. Based off of an opensource product on github originally by Antonios Atlasis SyncsRead More
Hosted Reverse Shell generator with a ton of functionality — (great for CTFs) Hosted Instance https://revshells.com Features Generate common listeners and reverse shells Automatically copy to clipboard Button to increment the listening port number by 1 URI and Base64 encoding LocalStorage to persist your configuration Dark and Light Modes Credits weibell briskets papadope 0day 0x03f3Read More
Who didn’t get bored of manually typing the few lines to upgrade a reverse shell to a full interactive reverse shell (tty spawn, stty size …, stty raw -echo) or typing the command to use ConPTY. Description With Girsh, just run it and it will detect the OS and execute the correct commands to upgradeRead More
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact tag:blogger.com,1999:blog-8317222231133660547.post-3056304803628582479: interact with client. download [filename]: download a file from client. upload [filename]: upload a file to client. background: background client. exit: terminate client or server. cd [dir]: change directory on client. Download Sak1To-Shell
Karkinos is a light-weight ‘Swiss Army Knife’ for penetration testing and/or hacking CTF’s. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of hosting PHP; tested with Apache Server Tested with PHP 7.4.9 Python3 (in your path) pip3 Raspberry Pi Zero friendlyRead More
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (http://github.com/tstillz/webshell-scan), which only scans files via regex, no decoding or attribute analysis. Disclaimer TheRead More
A project to get a Linux shell running on iOS, using usermode x86 emulation and syscall translation. For the current status of the project, check the issues tab, and the commit logs. App Store page TestFlight beta Discord server Wiki with help and tutorials README in Chinese (may be out of date, if so sendRead More
HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV.Help server.py (unisession server)Server usage: usage: server.py [-h] [–ssl] [–autocomplete] hostRead More
A Proof-of-Concept bind shell using the Fax service and a DLL hijack based on Ualapi.dll.See our writeup at: https://windows-internals.com/faxing-your-way-to-system/How to use Build Ualapi.dll and place in c:windowssystem32 Start the Fax service, which will load the DLL and call the export UalStart. UalStart will queue a thread pool work item that will open a handle toRead More
