3 个仓库
Runs system commands on a compromised server through a script embedded in a web page for remote control.
Distinct from Web-Based Command Interfaces: Distinct from Web-Based Command Interfaces: focuses specifically on post-exploitation web shells for command execution on compromised servers, not general web-based admin interfaces.
Explore 3 awesome GitHub repositories matching development tools & productivity · Web Shell Executions. Refine with filters or upvote what's useful.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Runs system commands on a compromised server through a script embedded in a web page for remote control.
AntSword 是一个跨平台的 Web 管理器和渗透测试框架,专为多个远程网站环境的集中式管理而设计。它作为一个远程网站管理工具和 Web Shell 管理工具,允许用户从单个界面组织和控制不同的 Web 服务器。 该项目为安全研究人员提供了一个工具包,用于执行授权的安全审计并识别漏洞。它支持 Web 渗透测试和安全研究工作流,以分析 Web 应用行为并发现潜在的漏洞利用。 该系统涵盖了远程网站管理和跨平台 Web 管理的广泛功能,能够跨不同的操作系统和托管平台执行管理任务和安全检查。
Provides a centralized interface for deploying and managing web shells to execute commands on remote servers.
Exphub 是一个 CVE 利用脚本库和企业软件漏洞套件,旨在验证和利用 WebLogic、Struts2、Tomcat 和 JBoss 等服务器环境中的已知安全漏洞。它作为一个远程代码执行工具包和 Web Shell 部署框架,用于触发未经授权的命令执行并在远程系统上建立持久访问。 该项目包含用于内网侦察的专用工具,特别是利用服务端请求伪造(SSRF)来扫描开放端口和服务。它还提供了绕过访问控制以及执行未经授权的文件读取和上传的机制。 该套件涵盖了广泛的功能领域,包括漏洞评估、渗透测试以及执行概念验证(PoC)脚本以确认安全漏洞的存在。
Deploys scripts on compromised servers to create permanent HTTP interfaces for remote command execution.