3 repository-uri
Runs system commands on a compromised server through a script embedded in a web page for remote control.
Distinct from Web-Based Command Interfaces: Distinct from Web-Based Command Interfaces: focuses specifically on post-exploitation web shells for command execution on compromised servers, not general web-based admin interfaces.
Explore 3 awesome GitHub repositories matching development tools & productivity · Web Shell Executions. Refine with filters or upvote what's useful.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Runs system commands on a compromised server through a script embedded in a web page for remote control.
AntSword is a cross-platform web manager and penetration testing framework designed for the centralized administration of multiple remote website environments. It functions as a remote website administration tool and a web shell management tool, allowing users to organize and control diverse web servers from a single interface. The project provides a toolkit for security researchers to perform authorized security audits and identify vulnerabilities. It supports web penetration testing and security research workflows to analyze web application behavior and discover potential exploits. The sys
Provides a centralized interface for deploying and managing web shells to execute commands on remote servers.
Exphub este o bibliotecă de scripturi de exploit-uri CVE și o suită de vulnerabilități software enterprise concepută pentru a verifica și exploata defecte de securitate cunoscute în medii server precum WebLogic, Struts2, Tomcat și JBoss. Funcționează ca un toolkit de execuție de la distanță a codului (RCE) și un framework de deployment pentru web shell-uri, utilizat pentru a declanșa execuția neautorizată de comenzi și pentru a stabili acces persistent pe sisteme la distanță. Proiectul include utilitare specializate pentru recunoașterea rețelelor interne, folosind în mod specific server-side request forgery (SSRF) pentru a scana porturi și servicii deschise. De asemenea, oferă mecanisme pentru ocolirea controalelor de acces și pentru citirea sau încărcarea neautorizată de fișiere. Suita acoperă arii largi de capabilități, inclusiv evaluarea vulnerabilităților, testarea de penetrare și execuția de scripturi proof-of-concept pentru a confirma prezența vulnerabilităților de securitate.
Deploys scripts on compromised servers to create permanent HTTP interfaces for remote command execution.