Security Training Share
LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack, listed in the section Features. Features Works with Windows, Linux and OS X Automatic...
Cheetah is a dictionary-based brute force password webshell tool, running as fast as a cheetah hunt for prey. Cheetah’s working principle is that it can submit a large number of detection passwords based on...
OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web using the web as well as pentest on the go through its responsive interface....
Altman3 Introduction Altman3 is a penetration testing software, which is web-hosted on Github Pages. Up to now, the software is capable of: Webshell module: the xml definition is adopted for customized script type and function, as...
phpbash is a standalone, semi-interactive web shell. Its main purpose is to assist in penetration tests where traditional reverse shells are not possible. The design is based on the default Kali Linux terminal colors,...
Introduce WeBaCoo – Web Backdoor Cookie Script-Kit. aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool to maintain access to a compromised web...
PyShell – Shellify Your HTTP Command Injection! Did firewall get you down? Are your reverse-shell connection attempts being filtered? Are you stuck working solely over HTTP / HTTPS? Then this just might be just...
Blade is a webshell connection tool based on console, currently under development and aims to be a choice of replacement of Chooper. Chooper is a very cool webshell client with wide types of server-side...
ShellComm is a simple interactive CLI remote shell communicator. Sometimes, during a pentest, you get to upload a shell but you can’t upload a heavy, complex one for whatever reason. In those situations, you can...
Weevely is a webshell management tool written in python. Weevely tutorial article describes from basic to advance its most function on your penetration testing. Weevely is available on Kali Linux. Weevely is a command...
Like any thing has two sides, hackers can both malicious attacks damage, the same can also use their own technology to find the system vulnerabilities, defects, etc., and then notify the relevant enterprises to...
LDAP-credentials-collector-backdoor-generator Idea About This script Last year, during external network VAPT of a client I got inside the network using vulnerable web application. Once I was inside, I observed there is an intranet application...
What is WebSpa? WebSpa is a Java web knocking tool for sending a single HTTP/S request to your web server, in order to authorize the execution of a premeditated Operating System (O/S) command on...
b374k PHP Webshell This PHP Shell is a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc. All actions take place within a web browser...
