PHPsploit Logo

PHPsploit

0
Free
Offensive Security
c2
php
web-server
http-headers
backdoor
privilege-escalation
log-analysis
Visit Website

Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor: <?php @eval($_SERVER['HTTP_PHPSPL01T']); ?> Efficient: More than 20 plugins to automate privilege-escalation tasks. Run commands and browse filesystem, bypassing PHP security restrictions. Upload/Download files between client and target. Edit remote files through local text editor. Run SQL console on target system. Spawn reverse TCP shells. Stealth: The framework is made by paranoids, for paranoids. Nearly invisible by log analysis and NIDS signature detection. Safe-mode and common PHP security restrictions bypass. Communications are hidden in HTTP Headers. Loaded payloads are obfuscated to bypass NIDS. http/https/socks4/socks5 Proxy support. Convenient: A robust interface with many crucial features. Detailed help for any optio

FEATURES

ALTERNATIVES

Finshir Logo
Finshir

High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.

Free
Offensive Security
APT Simulator Logo
APT Simulator

APT Simulator is a tool for simulating a compromised system on Windows.

Free
Offensive Security
Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection Logo
Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection

A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions

Free
Offensive Security
hakrawler Logo
hakrawler

A simple, fast web crawler for discovering endpoints and assets in a web application

Free
Offensive Security
Pwndrop Logo
Pwndrop

Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.

Free
Offensive Security
dref Logo
dref

A DNS rebinding exploitation framework

Free
Offensive Security
SMOD Logo
SMOD

Modular framework for pentesting Modbus protocol with diagnostic and offensive features.

Free
Offensive Security
Domain Logo
Domain

Setup script for Regon-ng

Free
Offensive Security

PINNED

Fabric Platform by BlackStork Logo

Fabric Platform by BlackStork

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

Free
Security Operations
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.

Free
Blogs and News
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved

LINKS
Blog
LEGAL
Terms of servicesPrivacy policy