DAws: Advanced Web Shell
There are multiple things that make DAws better than every Web Shell out there: Bypasses Security Systems(IPS, WAFs, etc) like Suhosin(uses up to 20 php functions just to get a command executed). Drops CGI...
Category: Web Maintaining Access
phpbash: semi-interactive PHP shell compressed into a single file
phpbash is a standalone, semi-interactive web shell. Its main purpose is to assist in penetration tests where traditional reverse shells are not possible. The design is based on the default Kali Linux terminal colors,...
PHP-backdoors: collection of PHP backdoors
PHP-backdoors A collection of PHP backdoors. For educational and/or testing purposes only. Notes The deobfuscated folder does not necessarily contain deobfuscated versions of the backdoors you can find in the obfuscated folder. To deobfuscate...
rome-webshell: powerful and delightful PHP WebShell
Rome WebShell A powerful and delightful PHP WebShell This is a lightweight PHP webshell, using only vanilla JavaScript and CSS, no jQuery/Bootstrap bloat. Features Fully interactive file explorer, browser directories, and download files instantly Upload files directly from...
slopShell: php webshell
slopShell php webshell For this shell to work, you need 2 things, a victim that allows php file upload(yourself, in an educational environment) and a way to send http requests to this webshell. How...
Gel4y Mini Shell Backdoor: webshell that can bypass some system security
Gel4y Mini Shell Backdoor Gel4y Webshell is a backdoor built using the PHP programming language in a stealth mode that can bypass server security. Each function has been converted into hex code so that...
wsh: Web shell generator and command line interface
wsh wsh (pronounced woosh) is a web shell generator and command-line interface. This started off as just an http client since interacting with webshells is a pain. There’s a form, to send a command...
phpsploit v3.2 releases: Stealth post-exploitation framework
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web...
bantam: advanced PHP backdoor management tool to bypass WAF, IDS, SIEM systems
Bantam bantam is an advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation tool. Features end to end encryption with request unique encryption keys,...
IIS Raid: A native backdoor module for Microsoft IIS
IIS Raid IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the webserver and carry out custom actions defined by an attacker. Documentation When installed, IIS-Raid will process...
