vshell v3.1 releases: Remote Administration tool written in Go


vshell is a Remote Administration tool written in Go (RAT)

It uses an AntSword control host. AntSword is an open-source, cross-platform website administration tool, is designed to meet the needs of penetration testers together with security researchers with permissions and/or authorizations as well as webmasters.

The basic framework is

client <-> teamserver <-> AntSword

AntSword Shell type choose CUSTOM

1. AntSword main function

File upload/download, command execution, database operation, modification of file timestamp, etc

The database only supports mysql. Too much support will cause the client file to be too large. For other databases, please use socks5 proxy to connect

2. AntSword Plugins

ScreenShot, Procdump, HackBrowserData, Memoryrun, socks5 Proxy, Service add

3. Parameter hiding, process name hiding(not support windows)

The parameters and names of the process will be hidden to prevent simple traceability to the teamserver IP. The whole process under Darwin will be hidden.



-PWD PassWord (default “vshell”)
-RHOST Team Server IP (default “”)
-RPORT Team Server Port (default “10080”)


-LPORT Listen PORT (default 10080)
-MINPORT MinAccess Port (default 28000)
-MPORT Monitor Port (default 10081)
-MPWD Monitor PassWord (default “veo”)