Packages that exploit or open backdoors on already vulnerable systems.
Tool count: 79
Name | Version | Description | Category | Website |
---|---|---|---|---|
aesshell | 0.7 | A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport. | backdoor windows | |
arcane | 2.750cb9f | Backdoor iOS packages and create the necessary resources for APT repositories. | mobile backdoor | |
avet | 133.2f1d882 | AntiVirus Evasion Tool | binary backdoor automation | |
azazel | 15.a41fbb5 | A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. | backdoor | |
backcookie | 51.6dabc38 | Small backdoor using cookie. | backdoor webapp | |
backdoor-apk | 141.2710126 | Shell script that simplifies the process of adding a backdoor to any Android APK file | mobile backdoor | |
backdoor-factory | 1:210.0c53045 | Patch win32/64 binaries with shellcode. | backdoor binary | |
backdoorme | 308.f9755ca | A powerful utility capable of backdooring Unix machines with a slew of backdoors. | backdoor automation | |
backdoorppt | 88.d0e7f91 | Transform your payload.exe into one fake word doc (.ppt). | backdoor | |
backorifice | 1.0 | A remote administration system which allows a user to control a computer across a tcpip connection using a simple console or GUI application. | windows backdoor | |
barq | 35.6f1a68c | An AWS Cloud Post Exploitation framework. | exploitation backdoor automation recon | |
cymothoa | 1 | A stealth backdooring tool, that inject backdoor's shellcode into an existing process. | backdoor | |
debinject | 43.d884309 | Inject malicious code into *.debs. | backdoor | |
demiguise | 11.58d5681 | HTA encryption tool for RedTeams. | crypto windows backdoor | |
donut | 501.61af8cc | Generates x86, x64 or AMD64+x86 P.I. shellcode loading .NET Assemblies from memory. | backdoor exploitation | |
dr0p1t-framework | 44.db9bc2d | A framework that creates a dropper that bypass most AVs, some sandboxes and have some tricks. | backdoor | |
dragon-backdoor | 7.c7416b7 | A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c. | backdoor sniffer windows | |
eggshell | 157.eaeeea7 | iOS/macOS/Linux Remote Administration Tool. | backdoor | |
enyelkm | 1.2 | Rootkit for Linux x86 kernels v2.6. | backdoor | |
evil-winrm | 1:v3.6.r0.g71ca144 | The ultimate WinRM shell for hacking/pentesting. | exploitation backdoor | |
evilpdf | 5.43696a8 | Embedding executable files in PDF Documents. | backdoor | |
exe2image | 1.1 | A simple utility to convert EXE files to JPEG images and vice versa. | backdoor binary | |
gobd | 82.3bbd17c | A Golang covert backdoor. | backdoor | |
harness | 19.ed2a6aa | Interactive remote PowerShell Payload. | backdoor windows | |
hercules-payload | 222.2607a3a | A special payload generator that can bypass all antivirus software. | binary windows backdoor | |
hotpatch | 90.fd2baf1 | Hot patches executables on Linux using .so file injection. | backdoor | |
icmpsh | 12.82caf34 | Simple reverse ICMP shell. | backdoor networking | |
ilo4-toolbox | 47.672a5d6 | Toolbox for HPE iLO4 analysis. | scanner automation backdoor | |
jynx2 | 2.0 | An expansion of the original Jynx LD_PRELOAD rootkit | backdoor | |
k55 | 86.b3c4aa9 | Linux x86_64 Process Injection Utility. | backdoor exploitation | |
kimi | 28.e7cafda | Script to generate malicious debian packages (debain trojans). | backdoor | |
kwetza | 26.0e50272 | Python script to inject existing Android applications with a Meterpreter payload. | backdoor exploitation | |
ld-shatner | 4.5c215c4 | ld-linux code injector. | backdoor binary | |
lfi-image-helper | 0.8 | A simple script to infect images with PHP Backdoors for local file inclusion attacks. | webapp backdoor | |
linux-inject | 100.268d4e4 | Tool for injecting a shared object into a Linux process. | backdoor binary | |
meterssh | 18.9a5ed19 | A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. | backdoor networking | |
microsploit | 9.441e132 | Fast and easy create backdoor office exploitation using module metasploit packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow. | backdoor | |
ms-sys | 2.8.0 | A tool to write Win9x-.. master boot records (mbr) under linux - RTM! | backdoor binary forensic | |
msf-mpc | 35.8007ef2 | Msfvenom payload creator. | automation backdoor malware | |
msvpwn | 1:65.328921b | Bypass Windows' authentication via binary patching. | windows binary backdoor | |
netbus | 1.6 | NetBus remote adminsitration tool | windows backdoor | |
nxcrypt | 32.6ae06b5 | NXcrypt - python backdoor framework. | backdoor | |
patchkit | 37.95dc699 | Powerful binary patching from Python. | binary backdoor | |
phishery | 14.5743953 | An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector. | backdoor social | |
php-findsock-shell | 2.b8a984f | A Findsock Shell implementation in PHP + C. | webapp backdoor | |
pivotsuite | 20.5640666 | A portable, platform independent and powerful network pivoting toolkit. | networking backdoor | |
pixload | 87.a8f58a7 | Set of tools for creating/injecting payload into images (hiding backdoors). The following image types are currently supported: BMP, GIF, JPG, PNG, WebP. | webapp backdoor | |
poly | 52.4e6f189 | A python script that generates polymorphic webshells. Use it to encode your favourite shell and make it practically undetectable. | webapp backdoor | |
powerstager | 14.0149dc9 | A payload stager using PowerShell. | binary backdoor | |
pwncat | 0.1.2 | Bind and reverse shell handler with FW/IDS/IPS evasion, self-inject and port-scanning. | backdoor scanner proxy networking | |
pyrasite | 2.0 | Code injection and introspection of running Python processes. | backdoor | |
remot3d | 38.a707ef7 | An Simple Exploit for PHP Language. | webapp backdoor exploitation | |
revsh | 215.174e309 | A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities. | backdoor networking | |
riwifshell | 38.40075d5 | Web backdoor - infector - explorer. | webapp backdoor | |
rrs | 100:1.70 | A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more. | backdoor | |
rspet | 263.de4356e | A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. | exploitation backdoor dos | |
rubilyn | 0.0.1 | 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. | backdoor | |
saruman | 2.4be8db5 | ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). | binary backdoor anti-forensic | |
sb0x | 19.04f40fe | A simple and Lightweight framework for Penetration testing. | scanner fuzzer cracker backdoor recon | |
shellinabox | 428.98e6eeb | Implements a web server that can export arbitrary command line tools to a web based terminal emulator. | backdoor webapp | |
shellsploit-framework | 273.a16d22f | New Generation Exploit Development Kit. | exploitation backdoor | |
shellter | 7.2 | A dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. | exploitation backdoor windows | |
sherlocked | 1.f190c2b | Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. | packer binary crypto backdoor | |
shootback | 83.cab462c | A reverse TCP tunnel let you access target behind NAT or firewall. | backdoor tunnel | |
silenttrinity | 293.08b1c61 | An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR. | backdoor | |
sub7 | 2.2 | A remote administration tool. No further comments ;-) | windows backdoor | |
syringe | 12.79a703e | A General Purpose DLL & Code Injection Utility. | backdoor binary windows | |
trixd00r | 0.0.1 | An advanced and invisible userland backdoor based on TCP/IP for UNIX systems. | backdoor | |
tsh | 0.6 | An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication. | backdoor | |
tsh-sctp | 2.850a2da | An open-source UNIX backdoor. | backdoor | |
u3-pwn | 2.0 | A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. | backdoor | |
unicorn-powershell | 212.5421d46 | A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. | backdoor exploitation | |
villain | v2.2.0.r8.g1ad29e5 | C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features and share them among connected sibling servers. | backdoor networking exploitation | |
vlany | 255.9ef014a | Linux LD_PRELOAD rootkit (x86 and x86_64 architectures). | backdoor | |
webacoo | 0.2.3 | Web Backdoor Cookie Script-Kit. | backdoor webapp | |
webshells | 46.e8e1a37 | Web Backdoors. | backdoor webapp | |
webspa | 0.8 | A web knocking tool, sending a single HTTP/S to run O/S commands. | backdoor webapp | |
weevely | 902.ff906a1 | Weaponized web shell. | backdoor webapp | |
zipexec | 19.f8d661f | A unique technique to execute binaries from a password protected zip. | crypto backdoor windows |