Alternatives and similar repositories for web-shells:

Users that are interested in web-shells are comparing it to the libraries listed below

• feakk / xxxpwn
  Advanced XPath Injection Tool
  ☆34Updated 9 years ago
• superkojiman / rfishell
  Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.
  ☆46Updated 8 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 5 years ago
• DanMcInerney / autoresp
  Runs Responder, uploads hashes for cracking, alerts when cracked
  ☆37Updated 9 years ago
• omercnet / BurpJDSer-ng
  BurpJDSer-ng
  ☆28Updated this week
• tahmed11 / strutsy
  Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability
  ☆10Updated 6 years ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• infosec-au / webappsec-toolkit
  Web Application Security related tools. Includes backdoors, proof of concepts and tricks
  ☆37Updated 10 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆44Updated 8 years ago
• diljith369 / avbypassGo
  AV Bypass
  ☆29Updated 7 years ago
• superkojiman / dirtshell
  Provide a sort of shell-ish interface to make file directory traversal quicker and easier.
  ☆24Updated 8 years ago
• lanjelot / pentest-tricks
  Small scripts to assist in pentesting
  ☆19Updated 4 years ago
• michenriksen / nmap-scripts
  A collection of Nmap NSE scripts that I made.
  ☆27Updated 12 years ago
• EnableSecurity / Webapp-Exploit-Payloads
  a collection of payloads for common webapps
  ☆73Updated 11 years ago
• packetforger / localroot
  Collection of tools for privesc on Linux
  ☆34Updated 11 years ago
• matthewdfuller / intellifuzz-xss
  An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
  ☆42Updated 12 years ago
• ckt29175 / oscp
  OSCP related stuff ^_^ - Try Harder!
  ☆9Updated 6 years ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 9 years ago
• AonCyberLabs / Nmap-Scripts
  ☆47Updated 9 years ago
• silentsignal / damn-vulnerable-stateful-web-app
  Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe
  ☆14Updated 9 years ago
• cornerpirate / iRecon
  Of the thousands of lazy reconnaissance scripts, this one is by far the one in this repository.
  ☆11Updated 3 years ago
• Atrilka / OSCP
  This is my path to OSCP
  ☆11Updated 6 years ago
• digininja / sitediff
  Fingerprint a web app using local files as the fingerprint sources
  ☆38Updated 7 years ago
• mrb3n813 / OSCE-prep
  ☆21Updated 8 years ago
• OpenSecurityResearch / CustomPassiveScanner
  A Custom Scanner for Burp
  ☆30Updated 11 years ago
• hdm / 2017-BSidesLV-Modern-Recon
  Materials related to the 2017 BSides Las Vegas presentation
  ☆52Updated 4 years ago
• taherio / smbXplode
  An alternative for Metasploit psexec module, with automation capabilites to run across multiple hosts, while detecting the correct archit…
  ☆14Updated 9 years ago
• DanMcInerney / SMB-reverse-brute
  Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords
  ☆51Updated 7 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 8 years ago
• audibleblink / oscp_tools
  A collection of scripts from around the web to be used with OSCP
  ☆11Updated 8 years ago