39 Repositories
PHP reverse-shell Libraries
PHP shells that work on Linux OS, macOS, and Windows OS.
PHP Reverse Shell Just a little refresh on the popular PHP reverse shell script pentestmonkey/php-reverse-shell. Credits to the original author! Works
Psl is a standard library for PHP, inspired by hhvm/hsl
📚 PHP Standard Library - a modern, consistent, centralized, well-typed, non-blocking set of APIs for PHP programmers
A webshell plugin and interactive shell for pentesting a Moodle instance.
Moodle webshell plugin for RCE A webshell plugin and interactive shell for pentesting a Moodle instance. Features Webshell plugin for Moodle. Execute
Opens an interactive PHP console for running and testing PHP code.
wp-cli/shell-command Opens an interactive PHP console for running and testing PHP code. Quick links: Using | Installing | Contributing | Support Using
Bypass shell 403 forbidden.
Php shell bypass 403. In addition to hacking, it can be used for seo by adding backlinks.
A simple wrapper for (reverse) geocoding
Geocode - A simple wrapper for (reverse) geocoding Installation composer require markuskooche/geocode Usage How to geocode use Illuminate\Support\Col
A dockerized PHP application containing some file upload vulnerability challenges (scenarios)
File Upload Vulnerability Scenarios (Challenges) This repository is a dockerized PHP application containing some file upload vulnerability challenges
PHP Japanese string helper functions for converting Japanese strings from full-width to half-width and reverse. Laravel Rule for validation Japanese string only full-width or only half-width.
Japanese String Helpers PHP Japanese string helper functions for converting Japanese strings from full-width to half-width and reverse. Laravel Rule f
All in one tool for Information Gathering and Vulnerability Scanning
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells.
Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and friendly interface.
A multi-purpose web-shell that simplifies running shell commands on webserver
This webshell can be used for multi-purposed especially most if you want to manage your web server but you are in an emergency , so why not use a webshell:)
A simple object oriented interface to execute shell commands in PHP
php-shellcommand php-shellcommand provides a simple object oriented interface to execute shell commands. Installing Prerequisites Your php version mus
Shell Tools for Qiniu Cloud
qshell 简介 qshell是利用七牛文档上公开的API实现的一个方便开发者测试和使用七牛API服务的命令行工具。该工具设计和开发的主要目的就是帮助开发者快速解决问题。目前该工具融合了七牛存储,CDN,以及其他的一些七牛服务中经常使用到的方法对应的便捷命令,比如b64decode,就是用来解码七
A simple shell script which loads a magento environment
A simple shell script to load up a Magento environment and execute PHP code Very experimental and should only be ran on dev servers REQUIRES php pcntl
The new generation of famous WSO web shell. With perks included
wso-ng New generation of famous WSO web shell. With perks included default password is "root" changes can now hook password when loaded via stub ?php
Shell script for Git module deployment with include/exclude filters.
Deploy multiple Git repositories in an unique folder modgit is a shell script for deploying multiple Git repositories in root folder of any project, w
A PHP framework for console artisans
This is a community project and not an official Laravel one Laravel Zero was created by, and is maintained by Nuno Maduro, and is a micro-framework th
Brew PHP switcher is a simple shell script to switch your apache and CLI quickly between major versions of PHP
Brew PHP switcher is a simple shell script to switch your apache and CLI quickly between major versions of PHP. If you support multiple products/projects that are built using either brand new or old legacy PHP functionality. For users of Homebrew (or brew for short) currently only.
Looks up which function or method a line of code belongs to
sebastian/code-unit-reverse-lookup Looks up which function or method a line of code belongs to. Installation You can add this library as a local, per-
Bash/Shell autocompletion for Composer
Bash/Shell Autocompletion for Composer composer-autocomplete provides Bash/Shell autocompletion for Composer. Built by Bram(us) Van Damme (https://www
PHP malware detector
PHP malware detector Smart PHP vulnerability detector Web mode: Console mode: Using PHP malware detector Requirements PHP 5.4+ Install php-malware-det
Reverse proxy skeleton built for docker with traefik, showcasing a Symfony + React application
Decoupled Backend(Symfony) + Frontend(React ts) built with Traefik & Docker Reverse proxy skeleton built for docker with traefik, showcasing a decoupl
AutoLogin @FreeBiznetHotspot, GAPERLU LAGI LOGIN MANUAL TIAP 2 JAM !
AUTO LOGIN @FreeBiznetHotspot Bebas ganti ip & mac di line 10 login.php looping pake bash, jalanin pake bash ./login atau bash login Tested on @freeB
I gues i tried to make a shell that's looks like a terminal in single php file
php-shell-gui Terms of service This tool can only be used for legal purposes. You take full responsibility for any actions performed using this. The o
A simple PHP web backdoor allows you to retrieve directory/file contents and upload file(s) from the local machine or remote URL.
Simple PHP Web Backdoor A simple PHP web backdoor allows you to retrieve directory/file contents and upload file(s) from the local machine or remote U
PHP Reverse Shell reverse-shell.php
PHP Reverse Shell reverse-shell.php PHP Cmd Shell cmd.php JPG cmd Shell cmd.jpg /etc/passwd Pulling Shell etc-passwd.php Configuration Pulling
SubRocks is a faithful recreation & reverse engineering effort for 2012 YouTube
subrocks-2012 a 2012 rewrite for subrocks SubRocks is a faithful recreation & reverse engineering effort for 2012 YouTube. You can visit the site at h
Exploiting API to Shell challenge from Pentesterlab serialize badge.
API to Shell This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize. A weakness in a si
This shell script and PHP file create a browseable HTML site from the Zig standard library source.
Browseable Zig standard library This shell script and PHP file create a browseable HTML site from the Zig standard library source. The idea is to inve
Spike is a fast reverse proxy built on top of ReactPHP that helps to expose your local services to the internet.
Spike is a fast reverse proxy built on top of ReactPHP that helps to expose your local services to the internet. 简体中文 Installation Install via compose
An Interactive Shell to Lumen Framework.
ABANDONED Please consider to use the official Laravel Tinker, it is also compatible with Lumen: laravel/tinker Lumen Artisan Tinker An Interactive She
YAPS - Yet Another PHP Shell
YAPS - Yet Another PHP Shell Yeah, I know, I know... But that's it. =) As the name reveals, this is yet another PHP reverse shell, one more among hund
Engintron for cPanel/WHM is the easiest way to integrate Nginx on your cPanel/WHM server.
Engintron for cPanel/WHM is the easiest way to integrate Nginx on your cPanel/WHM server. Engintron will improve the performance & web serving capacity of your server, while reducing CPU/RAM load at the same time. It does that by installing & configuring the popular Nginx webserver to act as a reverse caching proxy for static files (like CSS, JS, images etc.) with an additional micro-cache layer to significantly improve performance of dynamic content generated by CMSs like WordPress, Joomla or Drupal as well as forum software like vBulletin, phpBB, SMF or e-commerce solutions like Magento, OpenCart, PrestaShop and others.
A developer-friendly wrapper around execution of shell commands.
ptlis/shell-command A developer-friendly wrapper around execution of shell commands. There were several goals that inspired the creation of this packa
Web Shells that can bypass system firewalls
No System Is Safe Summary Tsayou web shell is a backdoor built using the PHP programming language and designed to bypass multiple system firewalls on
A PHP framework for console artisans
This is a community project and not an official Laravel one Laravel Zero was created by, and is maintained by Nuno Maduro, and is a micro-framework th
Dontbug is a reverse debugger for PHP
Dontbug Debugger Dontbug is a reverse debugger (aka time travel debugger) for PHP. It allows you to record the execution of PHP scripts (in command li
ReactPHP Shell, based on the Symfony Console component.
Pecan Event-driven, non-blocking shell for ReactPHP. Pecan (/pɪˈkɑːn/) provides a non-blocking alternative to the shell provided in the Symfony Consol
A REPL for PHP
PsySH PsySH is a runtime developer console, interactive debugger and REPL for PHP. Learn more at psysh.org and in the manual. PsySH manual 💾 Installa