# pentestmonkey/php-reverse-shell

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/pentestmonkey-php-reverse-shell).**

2,720 stars · 1,893 forks · PHP · gpl-2.0

## Links

- GitHub: https://github.com/pentestmonkey/php-reverse-shell
- awesome-repositories: https://awesome-repositories.com/repository/pentestmonkey-php-reverse-shell.md

## Description

This project consists of PHP-based payloads and scripts designed to establish reverse network connections for remote shell access. It functions as a remote command execution tool used during security auditing to gain an interactive shell on a web server.

The scripts utilize PHP network sockets to redirect system shell input and output to a remote TCP connection. This allows for the establishment of a network connection from a target server back to a controlled machine to execute remote commands.

These capabilities support penetration testing workflows, PHP server auditing, and post-exploitation access to evaluate the security configuration of PHP environments.

## Tags

### Security & Cryptography

- [Reverse Shells](https://awesome-repositories.com/f/security-cryptography/reverse-shells.md) — Implements a reverse shell script that connects a target PHP server back to a remote listener for command execution.
- [Remote Command Execution Tools](https://awesome-repositories.com/f/security-cryptography/remote-command-execution-tools.md) — Functions as a utility for delivering payloads and managing persistent remote command sessions.
- [PHP Environment Auditing](https://awesome-repositories.com/f/security-cryptography/php-environment-auditing.md) — Facilitates evaluating PHP security configurations by attempting to execute unauthorized system-level instructions.
- [Post-Exploitation Toolkits](https://awesome-repositories.com/f/security-cryptography/post-exploitation-toolkits.md) — Provides capabilities for maintaining access and escalating control over a compromised web server.

### Development Tools & Productivity

- [Shell Command Execution](https://awesome-repositories.com/f/development-tools-productivity/shell-command-execution.md) — Spawns a system shell process on the target machine to execute operating system commands.

### DevOps & Infrastructure

- [Remote Command Execution](https://awesome-repositories.com/f/devops-infrastructure/remote-command-execution.md) — Establishes a network connection from a target server back to a local machine for executing system commands.
- [Input and Output Stream Control](https://awesome-repositories.com/f/devops-infrastructure/remote-command-execution/input-and-output-stream-control.md) — Redirects the standard input and output streams of the system process directly into a network socket.

### Networking & Communication

- [Socket Networking](https://awesome-repositories.com/f/networking-communication/socket-networking.md) — Establishes raw TCP socket connections to transmit data and receive commands from a remote controller.
- [Payloads](https://awesome-repositories.com/f/networking-communication/socket-networking/payloads.md) — Provides a minimal PHP payload that uses sockets to redirect shell I/O to a remote connection.

### Part of an Awesome List

- [Penetration Testing](https://awesome-repositories.com/f/awesome-lists/security/penetration-testing.md) — Provides tools for simulating exploits to gain interactive shell access during security assessments.
