JATAYU Stealthy Stand-Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy Download git clone https://github.com/SpiderMate/Jatayu.git Use FUNCTIONS PARAMETER FUNCTION fn=1 Calls...
Opal Stealth post-exploitation framework for WordPress CMS What is it and why was it made? We intentionally made it for our penetration testing jobs however its getting grey hairs now...
wsManager (Webshell Manager) can be used to quickly execute commands on a server while pentesting a PHP application. The client interface is written in C#, which operate using a simple...
SharPyShell SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that...
barq barq: The AWS Cloud Post Exploitation framework! barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack...
phpbash is a standalone, semi-interactive web shell. Its main purpose is to assist in penetration tests where traditional reverse shells are not possible. The design is based on the default...
p0wny@shell:~# — Single-file PHP Shell p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use...
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access...
Web Maintaining Access / WebApp PenTest
by do son · Published October 17, 2018 · Last modified March 9, 2024
Weevely is a web shell designed for remote server administration and penetration testing that can be extended over the network at runtime with more than 30 modules. It executes remote...
nano Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient. Note: You may need to tweak some parts of the code if it...
pinky v2 Uploading a webshell is almost always the next step after exploiting a web vulnerability, but services like Cloudflare and the new generation of firewalls do a really good...
novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP,...
poly A python script that generates polymorphic webshells. Use it to encode your favorite shell and make it practically undetectable. If no shell is specified with the -p argument, the...
Web Maintaining Access / WebApp PenTest
by do son · Published March 8, 2018 · Last modified October 25, 2022
Altman3 Introduction Altman3 is a penetration testing software, which is web-hosted on Github Pages. Up to now, the software is capable of: Webshell module: the xml definition is adopted for customized script...
PyShell – Shellify Your HTTP Command Injection! Did firewall get you down? Are your reverse-shell connection attempts being filtered? Are you stuck working solely over HTTP / HTTPS? Then this...
Support Securityonline.info site. Thanks!
