flozz / P0wny Shell
Licence: wtfpl
Single-file PHP shell
Stars: ✭ 949
Labels
Projects that are alternatives of or similar to P0wny Shell
Awesome Oscp
A curated list of awesome OSCP resources
Stars: ✭ 804 (-15.28%)
Mutual labels: pentesting
Pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (-4.74%)
Mutual labels: pentesting
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (-8.32%)
Mutual labels: pentesting
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (-14.23%)
Mutual labels: pentesting
Security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (-12.01%)
Mutual labels: pentesting
Privesc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-17.18%)
Mutual labels: pentesting
Kubernetes Goat
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (-8.54%)
Mutual labels: pentesting
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+860.59%)
Mutual labels: pentesting
Hashtopolis
A Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (-12.01%)
Mutual labels: pentesting
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-10.75%)
Mutual labels: pentesting
Sprayingtoolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-15.49%)
Mutual labels: pentesting
Commoncrawlparser
Simple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-97.37%)
Mutual labels: pentesting
Outsmarting Smart Contracts
A repo with information about security of Ethereum Smart Contracts
Stars: ✭ 29 (-96.94%)
Mutual labels: pentesting
Babysploit
👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (-6.95%)
Mutual labels: pentesting
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-9.48%)
Mutual labels: pentesting
[email protected]:~# -- Single-file PHP Shell
[email protected]:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.
Features:
- Command history (using arrow keys
↑
↓
) - Auto-completion of command and file names (using
Tab
key) - Navigate on the remote file-system (using
cd
command) - Upload a file to the server (using
upload <destination_file_name>
command) - Download a file from the server (using
download <file_name>
command)
WARNING: THIS SCRIPT IS A SECURITY HOLE. DO NOT UPLOAD IT ON A SERVER UNTIL YOU KNOW WHAT YOU ARE DOING!
Demo with Docker:
docker build -t p0wny .
docker run -it -p 8080:80 -d p0wny
# open with your browser http://127.0.0.1:8080/shell.php
Changelog
-
2021-01-24:
- Style improvements:
- Better-looking scrollbar on webkit (@nakamuraos)
- Display a smaller logo on mobile (@nakamuraos)
- Ergonomic improvements:
- Focus the command field when clicking the page (@nakamuraos)
- Put the cursor at the end of the command field while navigating the history (@nakamuraos)
- Style improvements:
-
2019-06-07: Adds the
clear
command to clear the terminal (@izharaazmi #12) - 2018-12-15: File upload and download feature (@Oshawk #5)
- 2018-06-01:
- 2018-05-30:
- 2017-10-30: CSS: invalid color fixed
- 2016-11-10: Initial release
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].