Packages that exploit or open backdoors on already vulnerable systems.
Tool count: 70
| Name | Version | Description | Category | Website |
|---|---|---|---|---|
| aesshell | 0.7 | A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport. | backdoor windows | |
| avet | 133.2f1d882 | AntiVirus Evasion Tool | binary backdoor automation | |
| azazel | 14.e6a12a2 | A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. | backdoor | |
| backcookie | 51.6dabc38 | Small backdoor using cookie. | backdoor webapp | |
| backdoor-apk | 141.2710126 | Shell script that simplifies the process of adding a backdoor to any Android APK file | mobile backdoor | |
| backdoor-factory | 1:200.14b87fa | Patch win32/64 binaries with shellcode. | backdoor binary | |
| backdoorme | 308.f9755ca | A powerful utility capable of backdooring Unix machines with a slew of backdoors. | backdoor automation | |
| backdoorppt | 87.6886fd6 | Transform your payload.exe into one fake word doc (.ppt). | backdoor | |
| backorifice | 1.0 | A remote administration system which allows a user to control a computer across a tcpip connection using a simple console or GUI application. | windows backdoor | |
| cymothoa | 1 | A stealth backdooring tool, that inject backdoor's shellcode into an existing process. | backdoor | |
| debinject | 40.88b7824 | Inject malicious code into *.debs. | backdoor | |
| demiguise | 9.0293989 | HTA encryption tool for RedTeams. | crypto windows backdoor | |
| donut | 161.2207e89 | Generates x86, x64 or AMD64+x86 P.I. shellcode loading .NET Assemblies from memory. | backdoor exploitation | |
| dr0p1t-framework | 44.db9bc2d | A framework that creates a dropper that bypass most AVs, some sandboxes and have some tricks. | backdoor | |
| dragon-backdoor | 7.c7416b7 | A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c. | backdoor sniffer windows | |
| eggshell | 157.eaeeea7 | iOS/macOS/Linux Remote Administration Tool. | backdoor | |
| enyelkm | 1.2 | Rootkit for Linux x86 kernels v2.6. | backdoor | |
| exe2image | 1.1 | A simple utility to convert EXE files to JPEG images and vice versa. | backdoor binary | |
| gobd | 82.3bbd17c | A Golang covert backdoor. | backdoor | |
| harness | 19.ed2a6aa | Interactive remote PowerShell Payload. | backdoor windows | |
| hercules-payload | 220.958541e | A special payload generator that can bypass all antivirus software. | binary windows backdoor | |
| hotpatch | 89.4b65e3f | Hot patches executables on Linux using .so file injection. | backdoor | |
| icmpsh | 12.82caf34 | Simple reverse ICMP shell. | backdoor networking | |
| ilo4-toolbox | 33.a08e718 | Toolbox for HPE iLO4 analysis. | scanner automation backdoor | |
| jynx2 | 2.0 | An expansion of the original Jynx LD_PRELOAD rootkit | backdoor | |
| kimi | 28.e7cafda | Script to generate malicious debian packages (debain trojans). | backdoor | |
| kwetza | 26.0e50272 | Python script to inject existing Android applications with a Meterpreter payload. | backdoor exploitation | |
| ld-shatner | 4.5c215c4 | ld-linux code injector. | backdoor binary | |
| lfi-image-helper | 0.8 | A simple script to infect images with PHP Backdoors for local file inclusion attacks. | webapp backdoor | |
| linux-inject | 100.268d4e4 | Tool for injecting a shared object into a Linux process. | backdoor binary | |
| meterssh | 18.9a5ed19 | A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. | backdoor networking | |
| microsploit | 9.441e132 | Fast and easy create backdoor office exploitation using module metasploit packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow. | backdoor | |
| ms-sys | 2.6.0 | A tool to write Win9x-.. master boot records (mbr) under linux - RTM! | backdoor binary forensic | |
| msf-mpc | 23.eb2279a | Msfvenom payload creator. | automation backdoor malware | |
| msvpwn | 1:65.328921b | Bypass Windows' authentication via binary patching. | windows binary backdoor | |
| netbus | 1.6 | NetBus remote adminsitration tool | windows backdoor | |
| nxcrypt | 32.6ae06b5 | NXcrypt - python backdoor framework. | backdoor | |
| patchkit | 36.5fe79b7 | Powerful binary patching from Python. | binary backdoor | |
| phishery | 14.5743953 | An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector. | backdoor social | |
| php-findsock-shell | 2.b8a984f | A Findsock Shell implementation in PHP + C. | webapp backdoor | |
| pivotsuite | 18.6519486 | A portable, platform independent and powerful network pivoting toolkit. | networking backdoor | |
| poly | 52.4e6f189 | Polymorphic webshells. | webapp backdoor | |
| powerstager | 12.b0201c8 | A payload stager using PowerShell. | binary backdoor | |
| pyrasite | 2.0 | Code injection and introspection of running Python processes. | backdoor | |
| remot3d | 35.788f2bb | An Simple Exploit for PHP Language. | webapp backdoor exploitation | |
| revsh | 215.174e309 | A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities. | backdoor networking | |
| riwifshell | 38.40075d5 | Web backdoor - infector - explorer. | webapp backdoor | |
| rrs | 100:1.70 | A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more. | backdoor | |
| rspet | 263.de4356e | A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. | exploitation backdoor dos | |
| rubilyn | 0.0.1 | 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. | backdoor | |
| saruman | 2.4be8db5 | ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). | binary backdoor anti-forensic | |
| sb0x | 19.04f40fe | A simple and Lightweight framework for Penetration testing. | scanner fuzzer cracker backdoor recon | |
| shellinabox | 428.98e6eeb | Implements a web server that can export arbitrary command line tools to a web based terminal emulator. | backdoor webapp | |
| shellsploit-framework | 273.a16d22f | New Generation Exploit Development Kit. | exploitation backdoor | |
| shellter | 7.1 | A dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. | exploitation backdoor windows | |
| sherlocked | 1.f190c2b | Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. | packer binary crypto backdoor | |
| shootback | 80.6ce0173 | A reverse TCP tunnel let you access target behind NAT or firewall. | backdoor tunnel | |
| silenttrinity | 170.4766ba3 | An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR. | backdoor | |
| sub7 | 2.2 | A remote administration tool. No further comments ;-) | windows backdoor | |
| syringe | 12.79a703e | A General Purpose DLL & Code Injection Utility. | backdoor binary windows | |
| trixd00r | 0.0.1 | An advanced and invisible userland backdoor based on TCP/IP for UNIX systems. | backdoor | |
| tsh | 0.6 | An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication. | backdoor | |
| tsh-sctp | 2.850a2da | An open-source UNIX backdoor. | backdoor | |
| u3-pwn | 2.0 | A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. | backdoor | |
| unicorn-powershell | 162.8c9dd39 | A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. | backdoor exploitation | |
| vlany | 255.9ef014a | Linux LD_PRELOAD rootkit (x86 and x86_64 architectures). | backdoor | |
| webacoo | 0.2.3 | Web Backdoor Cookie Script-Kit. | backdoor webapp | |
| webshells | 32.8ab02aa | Web Backdoors. | backdoor webapp | |
| webspa | 0.8 | A web knocking tool, sending a single HTTP/S to run O/S commands. | backdoor webapp | |
| weevely | 834.67481c7 | Weaponized web shell. | backdoor webapp |