16 repositorios
Tools that establish outbound network connections from a target to a listener for remote command execution.
Distinct from Socket Networking: Candidates cover generic socket networking or command execution, but not the specific 'reverse shell' attack pattern.
Explore 16 awesome GitHub repositories matching security & cryptography · Reverse Shells. Refine with filters or upvote what's useful.
The Social-Engineer Toolkit is a social engineering framework and penetration testing suite designed to simulate human-centric security attacks. It serves as a phishing simulation tool and credential harvesting utility to evaluate personnel awareness and organizational resilience. The toolkit provides specialized tooling for phishing campaign testing and credential theft simulation. It enables the creation of deceptive emails and landing pages to identify vulnerabilities in how users handle sensitive account information. The system includes capabilities for security awareness training and br
Establishes socket-based reverse shells for remote command execution on target machines.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Creates an interactive remote shell that transmits data over ICMP traffic to bypass firewall restrictions.
This project is a post-exploitation framework and command and control platform designed for security research and penetration testing. It functions as a remote access tool consisting of a central command server and encrypted executable payloads that establish reverse shell connections. The system utilizes a web-based dashboard for multi-client administration, allowing for remote host monitoring and direct shell access through an in-browser terminal. It generates cross-platform, encrypted binaries that employ a multi-stage delivery chain and a key exchange mechanism to secure communications.
Uses a reverse shell architecture where clients initiate outbound connections to bypass firewalls.
fuzzdb is a collection of datasets designed for web application penetration testing and dynamic fuzzing. It provides a fuzzing payload dictionary, a resource discovery wordlist, and a fault injection dataset containing corrupted Unicode, null bytes, and escape codes to trigger application crashes and logic errors. The project includes a security filter bypass list featuring polyglots and encoded strings to evade web application firewalls and input validation filters. It also provides a comprehensive web application penetration testing dataset specifically for identifying flaws such as cross-s
Includes payloads and patterns used to establish remote interactive command shells on target systems.
Yakit is a comprehensive cybersecurity all-in-one platform designed for security assessments. It integrates a suite of core tools including an HTTP interception proxy for real-time traffic modification, an out-of-band interaction detector for verifying remote command execution via TCP, DNSLog, and ICMP, and a reverse shell manager for controlling remote server connections. The platform is distinguished by its dedicated security scripting environment, which allows for the development and execution of custom logic and plugins using a specialized high-performance language. It further extends fun
Ships a reverse shell manager to control remote server connections and deliver exploitation payloads.
scan4all is an all-in-one vulnerability scanner that orchestrates parallel network reconnaissance, service cracking, and exploit execution across a wide range of protocols. It combines port discovery, web fingerprinting, password cracking, and a plugin-based database of over 15,000 proof-of-concept exploits into a single automated pipeline, with results streamed to Elasticsearch for structured querying and analysis. The tool distinguishes itself through its multi-engine orchestration, coordinating tools like nmap, naabu, and nuclei under one pipeline to avoid redundant work and share results.
Establishes reverse shell connections during engagements using a multi-target web netcat utility.
Ladon es un escáner de penetración de red interna y herramienta de evaluación de vulnerabilidades diseñada para identificar fallas de seguridad y activos de alto riesgo a través de segmentos de red. Opera como un escáner de seguridad sin archivos (fileless), ejecutando su motor y módulos directamente en la memoria para evitar dejar una huella en el disco en los sistemas objetivo. El proyecto se distingue por su integración como plugin para balizas de comando (command beacons), específicamente dentro del framework Cobalt Strike. Esto permite el descubrimiento de red y la detección de vulnerabilidades residentes en memoria. Además, admite operaciones sigilosas mediante la ofuscación de cargas útiles y scripts, así como técnicas para eludir la detección por parte de sistemas de detección y respuesta de endpoints (EDR). La herramienta proporciona un conjunto completo de capacidades para la post-explotación, incluyendo auditoría de credenciales, extracción y la ejecución de ataques Kerberos para la penetración de dominios. Maneja el descubrimiento de activos mediante escaneo multiprotocolo y huellas dactilares de servicios para identificar sistemas operativos y tecnologías web. Además, admite la automatización del movimiento lateral, la escalada de privilegios y el despliegue de cargas útiles de ejecución remota de código. El framework es extensible a través de una arquitectura de plugins que permite la carga dinámica de ensamblajes o scripts externos para añadir módulos de escaneo personalizados y pruebas de concepto.
Establishes outbound network connections from targets to listeners to provide remote command-line access.
CDK es un conjunto de herramientas especializado para la auditoría de seguridad de contenedores, explotación de escapes de contenedores y pruebas de penetración de infraestructura en la nube. Proporciona una colección de scripts y herramientas diseñadas para identificar y explotar vulnerabilidades en los runtimes de contenedores para salir de entornos aislados y ejecutar comandos en el sistema operativo host subyacente. El proyecto cuenta con una suite de explotación de runtime Docker dedicada para abusar de la API de Docker, procfs y cgroups para obtener acceso no autorizado a nivel de host. Incluye técnicas específicas para eludir el aislamiento mediante LXCFS, explotación de espacios de nombres de usuario y montaje de discos del host, así como capacidades para extraer metadatos de la nube y auditar permisos de cuentas de servicio para escalar privilegios en entornos de clúster. El kit de herramientas cubre una amplia gama de capacidades de auditoría de seguridad, incluyendo la auditoría de clústeres Kubernetes para la exfiltración de secretos y análisis de políticas, escaneo de archivos y servicios sensibles, y la detección de intercambio de red del host. También proporciona utilidades para establecer reverse shells, desplegar payloads en entornos restringidos e instalar herramientas de administración del sistema dentro de contenedores mínimos.
Provides capabilities to spawn interactive reverse shell sessions for remote command execution from containerized environments.
Villain es un framework de comando y control y orquestador distribuido diseñado para gestionar conexiones TCP inversas y HoaxShell. Sirve como un gestor de shell inversa y herramienta de generación de payloads, permitiendo la coordinación de acceso remoto a través de múltiples sistemas objetivo. El proyecto se distingue por una arquitectura distribuida que sincroniza sesiones remotas activas y transmite mensajes a través de instancias de servidor conectadas para operaciones colaborativas. Incluye un motor de ejecución sin archivos (fileless) que ejecuta scripts directamente en la memoria remota sobre HTTP para evitar escribir archivos en el disco del objetivo. El framework cubre la generación de payloads para varios sistemas operativos utilizando plantillas y codificación personalizables. Proporciona capacidades de gestión de sesiones, incluyendo actualizaciones de shell interactiva a pseudo-terminales, persistencia de sesión y monitoreo de estabilidad para evitar bloqueos de shell remota. La transferencia de datos se maneja a través de un servicio de contrabando HTTP (HTTP smuggling) automatizado para cargar archivos a sesiones activas.
Interacts with remote terminal sessions and upgrades basic shells into fully interactive pseudo-terminals.
This project is a suite of tools for generating encoded shell commands and network listener configurations used in offensive security operations. It provides a collection of command generators for various shells and listeners to establish remote access during security penetration tests. The tool features a reverse shell payload generator that creates encoded command strings and a network listener command generator that produces the server-side syntax needed to accept incoming network connections. It includes a Base64 command encoder to transform shell commands into encoded strings to bypass s
A functionality in the tool that creates command strings for various shells and listeners to establish remote access during security tests.
This project is a comprehensive command-line reference and toolkit designed for Linux system administration and network security assessment. It provides a collection of technical snippets and operational guides focused on managing remote environments, orchestrating shell sessions, and executing administrative tasks through native terminal utilities. The repository distinguishes itself by offering specialized techniques for stealthy operations and infrastructure manipulation. It covers methods for establishing encrypted tunnels to bypass firewalls, obfuscating process identities and command hi
Provides techniques for establishing reverse shell connections to bypass network restrictions.
Termora is a cross-platform SSH client, terminal emulator, and serial communication tool. It provides a unified interface for managing local shell sessions, secure remote server connections, and direct hardware communication through serial port protocols. The project distinguishes itself by combining diverse remote access tools into one environment, including a VNC remote desktop client, an SFTP file transfer client, and a proxy tool for SSH tunneling and port forwarding. It further supports network hardware management through vendor-specific terminal emulation to ensure compatibility with va
Provides a unified interface for managing and interacting with local, SSH, and serial shell sessions.
Hoaxshell is a command and control system for Windows remote command execution. It provides a framework for generating and managing reverse shell payloads that utilize an HTTP beaconing protocol, where victim clients periodically poll a handler to receive and execute instructions. The project distinguishes itself through its ability to bypass PowerShell Constrained Language Mode using specialized payload generation. It supports encrypted command and control via TLS certificate injection and provides mechanisms for remote session recovery, allowing a handler to reestablish control over active
Generates and manages Windows reverse shell payloads that communicate over HTTP or HTTPS for remote command execution.
Exegol is an offensive security platform and containerized tooling orchestrator designed to deploy and manage isolated security operations environments. It functions as a workspace manager that provisions pre-configured security images and toolkits within Docker containers to protect host systems from malicious payloads. The platform distinguishes itself by integrating AI security workflow orchestration, allowing AI assistants to discover and trigger security tools through a standardized communication protocol. It further provides remote desktop gateway capabilities, enabling GUI access via X
The product creates dynamic reverse-shell commands and provides tools to stabilize the interactive experience.
This project consists of PHP-based payloads and scripts designed to establish reverse network connections for remote shell access. It functions as a remote command execution tool used during security auditing to gain an interactive shell on a web server. The scripts utilize PHP network sockets to redirect system shell input and output to a remote TCP connection. This allows for the establishment of a network connection from a target server back to a controlled machine to execute remote commands. These capabilities support penetration testing workflows, PHP server auditing, and post-exploitat
Implements a reverse shell script that connects a target PHP server back to a remote listener for command execution.
jexboss is a Java deserialization exploit framework and network vulnerability scanner designed to identify and exploit deserialization flaws to achieve remote code execution on target servers. It functions as a suite of tools for delivering payloads and executing system commands on vulnerable remote applications. The project includes a reverse shell orchestrator to establish and maintain persistent remote command connections from exploited targets back to a listener. It also provides post-exploitation automation for managing remote access and updating software on compromised systems. The fra
Establishes a persistent network connection from the compromised target back to a listener for remote terminal access.