Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Bypass firewall for traffic forwarding using webshell

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

a very fast brute force webshell password tool

新一代Webshell管理器，兼容蚁剑与冰蝎的PHP webshell

Kraken, a modular multi-language webshell coded by @secu_x11

🔨 Manage your website via terminal

findWebshell是一款基于python开发的webshell检测工具。

Multiplatform Python WebShell

Let's find someone's account

DarkCool All Tools For Hacking Activity! List:~ Exploiter, Checker, Webshell Finder, Grabber, Searching, Bruteforce, Random, And Others Tools

Cheetah GUI

A toolkit for Security Researchers

D3Ext's Forward Shell

A webshell plugin and interactive shell for pentesting a WordPress website.

A webshell manager for php🍩

Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小

A python-based network security penetration testing tool.一款基于python的web安全渗透测试集成工具

Aizawa is a command-line webshell designed to execute commands through HTTP header