PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation…
View More phpsploit v3.0 releases: Stealth post-exploitation framework
Tag: php webshell
php malware finder: Detect potentially malicious PHP files
PHP malware finder does it is very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. The following…
View More php malware finder: Detect potentially malicious PHP files
DAws: Advanced Web Shell
There are multiple things that make DAws better than every Web Shell out there: Bypasses Security Systems(IPS, WAFs, etc) like Suhosin(uses up to 20 php…
View More DAws: Advanced Web Shell
WeBaCoo – Web Backdoor Cookie Script-Kit
Introduce WeBaCoo – Web Backdoor Cookie Script-Kit. aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post…
View More WeBaCoo – Web Backdoor Cookie Script-Kit
shellcomm-php: Communicate with a remote shell easily
ShellComm is a simple interactive CLI remote shell communicator. Sometimes, during a pentest, you get to upload a shell but you can’t upload a heavy, complex…
View More shellcomm-php: Communicate with a remote shell easily
Web Shell Detector: Find webshell on server
Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database…
View More Web Shell Detector: Find webshell on server
Some technique to bypass waf for uploading Shell on webserver
File upload vulnerability is when the user uploads an executable script file, and through the script file to obtain the ability to execute server-side commands.…
View More Some technique to bypass waf for uploading Shell on webserver
[Bypass WAF] Php webshell without numbers and letters
Normally, you often write webshell that includes numbers and letter like below: For bypass WAF, you can use some techniques to re-write your webshell. Idea…
View More [Bypass WAF] Php webshell without numbers and letters
shellstack: Manage All Your Backdoored Websites Efficiently
ShellStack is a PHP based backdoor management tool. This Tool comes handy for “HACKERS” who wish to keep a track of every website they hack.…
View More shellstack: Manage All Your Backdoored Websites Efficiently
snodew: PHP root (suid) reverse shell
snodew is a PHP reverse shell backdoor which uses a small suid binary to escalate privileges on connection snodew is made mainly to work alongside vlany but…
View More snodew: PHP root (suid) reverse shell