Information Security
Opal Stealth post-exploitation framework for WordPress CMS What is it and why was it made? We intentionally made it for our penetration testing jobs however its getting grey hairs now so we thought we...
rtty Access your terminal behind a NAT or firewall over the web-based on your terminal’s macaddr. It is composed of the client and the server. The server is written in go language and uses the vue+iview....
Weevely is a web shell designed for remote server administration and penetration testing that can be extended over the network at runtime with more than 30 modules. It executes remote code via an obfuscated...
wsManager (Webshell Manager) can be used to quickly execute commands on a server while pentesting a PHP application. The client interface is written in C#, which operate using a simple web-based backdoor implemented by...
SharPyShell SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework...
barq barq: The AWS Cloud Post Exploitation framework! barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without...
FwdSh3ll FwdSh3ll is a tiny open source framework for crafting forward shells. What is a forward shell? Have you ever been caught in a situation when performing a pentest you discover an RCE vulnerability in a...
phpbash is a standalone, semi-interactive web shell. Its main purpose is to assist in penetration tests where traditional reverse shells are not possible. The design is based on the default Kali Linux terminal colors,...
p0wny@shell:~# — Single-file PHP Shell p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this...
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web...
