15 repositories
Tools that establish outbound network connections from a target to a listener for remote command execution.
Distinct from Socket Networking: Candidates cover generic socket networking or command execution, but not the specific 'reverse shell' attack pattern.
The Social-Engineer Toolkit is a social engineering framework and penetration testing suite designed to simulate human-centric security attacks. It serves as a phishing simulation tool and credential harvesting utility to evaluate personnel awareness and organizational resilience. The toolkit provides specialized tooling for phishing campaign testing and credential theft simulation. It enables the creation of deceptive emails and landing pages to identify vulnerabilities in how users handle sensitive account information. The system includes capabilities for security awareness training and br
Establishes socket-based reverse shells for remote command execution on target machines.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Creates an interactive remote shell that transmits data over ICMP traffic to bypass firewall restrictions.
This project is a post-exploitation framework and command and control platform designed for security research and penetration testing. It functions as a remote access tool consisting of a central command server and encrypted executable payloads that establish reverse shell connections. The system utilizes a web-based dashboard for multi-client administration, allowing for remote host monitoring and direct shell access through an in-browser terminal. It generates cross-platform, encrypted binaries that employ a multi-stage delivery chain and a key exchange mechanism to secure communications.
Uses a reverse shell architecture where clients initiate outbound connections to bypass firewalls.
fuzzdb is a collection of datasets designed for web application penetration testing and dynamic fuzzing. It provides a fuzzing payload dictionary, a resource discovery wordlist, and a fault injection dataset containing corrupted Unicode, null bytes, and escape codes to trigger application crashes and logic errors. The project includes a security filter bypass list featuring polyglots and encoded strings to evade web application firewalls and input validation filters. It also provides a comprehensive web application penetration testing dataset specifically for identifying flaws such as cross-s
Includes payloads and patterns used to establish remote interactive command shells on target systems.
Yakit is a comprehensive cybersecurity all-in-one platform designed for security assessments. It integrates a suite of core tools including an HTTP interception proxy for real-time traffic modification, an out-of-band interaction detector for verifying remote command execution via TCP, DNSLog, and ICMP, and a reverse shell manager for controlling remote server connections. The platform is distinguished by its dedicated security scripting environment, which allows for the development and execution of custom logic and plugins using a specialized high-performance language. It further extends fun
Ships a reverse shell manager to control remote server connections and deliver exploitation payloads.
scan4all is an all-in-one vulnerability scanner that orchestrates parallel network reconnaissance, service cracking, and exploit execution across a wide range of protocols. It combines port discovery, web fingerprinting, password cracking, and a plugin-based database of over 15,000 proof-of-concept exploits into a single automated pipeline, with results streamed to Elasticsearch for structured querying and analysis. The tool distinguishes itself through its multi-engine orchestration, coordinating tools like nmap, naabu, and nuclei under one pipeline to avoid redundant work and share results.
Establishes reverse shell connections during engagements using a multi-target web netcat utility.
Ladon is an internal network penetration scanner and vulnerability assessment tool designed to identify high-risk security flaws and assets across network segments. It operates as a fileless security scanner, executing its engine and modules directly in memory to avoid leaving a disk footprint on target systems. The project is distinguished by its integration as a plugin for command beacons, specifically within the Cobalt Strike framework. This allows for memory-resident network discovery and vulnerability detection. It further supports stealth operations through payload and script obfuscatio
Establishes outbound network connections from targets to listeners to provide remote command-line access.
CDK is a specialized toolset for container security auditing, container escape exploitation, and cloud infrastructure pentesting. It provides a collection of scripts and tools designed to identify and exploit vulnerabilities in container runtimes in order to break out of isolated environments and execute commands on the underlying host operating system. The project includes a dedicated Docker runtime exploit suite for gaining unauthorized host-level access by abusing the Docker API, procfs, and cgroups. It includes specific techniques for bypassing isolation through LXCFS, user namespace exploitation, and host disk mounting, as well as capabilities for extracting cloud metadata and auditing service account permissions to escalate privileges in cluster environments. The toolkit covers a broad range of security auditing capabilities, including Kubernetes cluster auditing for secret exfiltration and policy analysis, sensitive file and service scanning, and detection of host network sharing. It also provides utilities for establishing reverse shells, deploying payloads in restricted environments, and installing system administration tools inside minimal containers.
Provides capabilities to spawn interactive reverse shell sessions for remote command execution from containerized environments.
Villain is a command and control framework and distributed orchestrator designed for managing reverse TCP and HoaxShell connections. It serves as a reverse shell manager and payload generation tool, allowing for the coordination of remote access across multiple target systems. The project distinguishes itself through a distributed architecture that synchronizes active remote sessions and broadcasts messages across connected server instances for collaborative operations. It includes a fileless execution engine that runs scripts directly in remote memory over HTTP to avoid writing files to the
Interacts with remote terminal sessions and upgrades basic shells into fully interactive pseudo-terminals.
This project is a suite of tools for generating encoded shell commands and network listener configurations used in offensive security operations. It provides a collection of command generators for various shells and listeners to establish remote access during security penetration tests. The tool features a reverse shell payload generator that creates encoded command strings and a network listener command generator that produces the server-side syntax needed to accept incoming network connections. It includes a Base64 command encoder to transform shell commands into encoded strings to bypass s
Generates command strings for various shells and listeners to establish remote access during security tests.
This project is a comprehensive command-line reference and toolkit designed for Linux system administration and network security assessment. It provides a collection of technical snippets and operational guides focused on managing remote environments, orchestrating shell sessions, and executing administrative tasks through native terminal utilities. The repository distinguishes itself by offering specialized techniques for stealthy operations and infrastructure manipulation. It covers methods for establishing encrypted tunnels to bypass firewalls, obfuscating process identities and command hi
Provides techniques for establishing reverse shell connections to bypass network restrictions.
Hoaxshell is a command and control system for Windows remote command execution. It provides a framework for generating and managing reverse shell payloads that utilize an HTTP beaconing protocol, where victim clients periodically poll a handler to receive and execute instructions. The project distinguishes itself through its ability to bypass PowerShell Constrained Language Mode using specialized payload generation. It supports encrypted command and control via TLS certificate injection and provides mechanisms for remote session recovery, allowing a handler to reestablish control over active
Generates and manages Windows reverse shell payloads that communicate over HTTP or HTTPS for remote command execution.
Exegol is an offensive security platform and containerized tooling orchestrator designed to deploy and manage isolated security operations environments. It functions as a workspace manager that provisions pre-configured security images and toolkits within Docker containers to protect host systems from malicious payloads. The platform distinguishes itself by integrating AI security workflow orchestration, allowing AI assistants to discover and trigger security tools through a standardized communication protocol. It further provides remote desktop gateway capabilities, enabling GUI access via X
The product creates dynamic reverse-shell commands and provides tools to stabilize the interactive experience.
This project consists of PHP-based payloads and scripts designed to establish reverse network connections for remote shell access. It functions as a remote command execution tool used during security auditing to gain an interactive shell on a web server. The scripts utilize PHP network sockets to redirect system shell input and output to a remote TCP connection. This allows for the establishment of a network connection from a target server back to a controlled machine to execute remote commands. These capabilities support penetration testing workflows, PHP server auditing, and post-exploitat
Implements a reverse shell script that connects a target PHP server back to a remote listener for command execution.
jexboss is a Java deserialization exploit framework and network vulnerability scanner designed to identify and exploit deserialization flaws to achieve remote code execution on target servers. It functions as a suite of tools for delivering payloads and executing system commands on vulnerable remote applications. The project includes a reverse shell orchestrator to establish and maintain persistent remote command connections from exploited targets back to a listener. It also provides post-exploitation automation for managing remote access and updating software on compromised systems. The fra
Establishes a persistent network connection from the compromised target back to a listener for remote terminal access.