Information Security
IIS Raid IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the webserver and carry out custom actions defined by an attacker. Documentation When installed, IIS-Raid will process...
Opal Stealth post-exploitation framework for WordPress CMS What is it and why was it made? We intentionally made it for our penetration testing jobs however its getting grey hairs now so we thought we...
JATAYU Stealthy Stand-Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy Download git clone https://github.com/SpiderMate/Jatayu.git Use FUNCTIONS PARAMETER FUNCTION fn=1 Calls function shell_exec() fn=2 Calls...
Omega Framework Omega Framework is a PHP post-exploitation framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server using only a simple PHP payload. It is a powerful...
rtty Access your terminal behind a NAT or firewall over the web-based on your terminal’s macaddr. It is composed of the client and the server. The server is written in go language and uses the vue+iview....
wsManager (Webshell Manager) can be used to quickly execute commands on a server while pentesting a PHP application. The client interface is written in C#, which operate using a simple web-based backdoor implemented by...
Weevely is a web shell designed for remote server administration and penetration testing that can be extended over the network at runtime with more than 30 modules. It executes remote code via an obfuscated...
SharPyShell SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework...
barq barq: The AWS Cloud Post Exploitation framework! barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without...
FwdSh3ll FwdSh3ll is a tiny open source framework for crafting forward shells. What is a forward shell? Have you ever been caught in a situation when performing a pentest you discover an RCE vulnerability in a...
