Skip to content

Instantly share code, notes, and snippets.

@sbnsec

sbnsec/webshell-list.txt

Created May 8, 2020 08:59
Show Gist options
  • Save sbnsec/352128ea5bd8c95f48d748d5f25e3639 to your computer and use it in GitHub Desktop.
Save sbnsec/352128ea5bd8c95f48d748d5f25e3639 to your computer and use it in GitHub Desktop.
Download ZIP
List of well known webshell
Raw
webshell-list.txt
023.jsp
08小组内部交流专用.asp
12309.php
1427683968524.jpg
1.png
2.png
3fexe Shell.asp
3.png
404 infiltrate team.asp
404 Not Found.php
404.php
404super.php
404webshell.php
45233.py
4.png
529.php
80sec内部专用过世界杀软休积最小功能超强超猛宇宙第一.asp
about.txt
ACat.jar
ACat_jdk1.5.jar
ACat-src.zip
ACat-附数据库驱动.jar
ACat-附数据库驱动-jdk1.5.jar
accept_language.php
Adminer - Compact database management.php
Ajax_PHP Command Shell.php
Ajax_PHP_Command_Shell.php
AK-74.php
AK-74 Security Team.php
AK-74 Security Team Web Shell Beta Version.php
alfa3.php
all-repos.txt
Andela 1C3 v3 (Private Release 2017).php
andela.php
angel.php
Ani-Shell.php
anonexploitershell.php
Antak Webshell.aspx
Antichat Shell. Modified by Go0o$E.php
Antichat Shell.php
Antichat_Shell.php
Antichat Shell v1.3.php
Antichat_Shell_v1.3.php
Antichat Socks5 Server v 1.0.php
applypatch-msg.sample
Aria cPanel cracker version 1.0 - Edited By KingDefacer.php
A robust backdoor script made by Daniel Berliner.php
Asp_Aspx_Php_V1.jpg
Asp_Aspx_Php_V2.jpg
Asp_Aspx_Php一句话合集.txt
ASP_Client.html
ASP Cmd Shell On IIS 5.1.asp
ASP.NET Web BackDoor.aspx
AspRootkit 1.0 by BloodSword.asp
aspSH.v1.asp
asp wget drag database.asp
ASPX
ASPX one line Code Client by amxku.aspx
aspxshell.aspx
ASPX Shell.aspx
AspxSpy2014Final.aspx
ASPXspy.aspx
ASPXspy by NightRunner.aspx
ASPX小马 - 黑兵社团.aspx
aspydrv.php
ASPYDrvsInfo.asp
ASPYDrvsInfo.php
audit_null.c
audit_null.patch
autoroot.php
ava Server Faces MiniWebCmdShell 0.2 by HeartLESS.php
AventGrup-Sincap 1.0.php
Aventis KlasVayv 1.0.asp
awen asp.net webshell.aspx
Axis2Shell-master.zip
axis2 利用小工具cat.aar.zip
axis2 利用小工具cat.pdf
Ayyildiz Tim -AYT- Shell v 2.1 Biz.php
Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
Ayyildiz_Tim.php
Ayyildiz Tim Shell (Private Shell 2017).php
azrail 1.0 by C-W-M.php
aZRaiLPhp v1.0.php
aZRaiLPhp_v1.0.php
B374k Beta ShElL V1.php
b374k-mini-shell.php
b374k-mini-shell-php.php
b374k-mini-shell-php.php.php
b374k.php.php
b374kv2.1.php
b374v2.8-b374k.php
Back Connect.php
backdoor.c
backdoorfr.php
Backdoor php v0.1 Coded By Charlichaplin.php
BackerHack JSP Manage-System 1.0.jsp
Backup script on server.php
backupsql.php
base64.jspx
base64.md
bayz21-priv-shell-v1.php
bayz21-priv-shell-v2.php
bayz21-priv-shell-v3.php
bdotw44shell.php
bdshell.php
berandal-owlsquad.php
bitwise.php
BLaSTER.php
bloodsecv4.php
Bnkqbakq.php
boffmax_v1.0_web_shell_by_the-c0de_team(1).php
by Bagheera.jsp
by EJDER.asp
bypass403.php
bypass529.php
bypass-iisuser-p.asp
bypass_RCE_php.gif
bypass safemodel.php
by.php
c0derz shell [csh] v. 0.1.1 release.php
c0derz_shell.php
c999shell.php
c99_locus7s.php
c99_madnet.php
C99madShell v. 2.0 madnet edition.php
c99ud.php
c99_webshell.php
caidao-20141213.zip
caidao-20160622.zip
caidao.jsp
Carbylamine PHP Encoder.php
CasuS 1.5.php
CasuS-1.5.php
cat.jar
cat.jsp
cat.jspx
cfexec.cfm
cfmShell.cfm
cfSQL.cfm
cgi-python.py
cgitelnet.php
Cgitelnet.pl
changelog
CHANGELOG
change.php
Changing CHMOD Permissions Exploit.php
client1.php
client2.php
client.php
client.py
Client.py
cls_Base.php
CmdAsp.asp
cmd.c
cmd.cfm
cmd.jpg
cmdjsp.jsp
cmd.jspx
cmd.php
cmd.pl
CmdServlet.java
cmd.sh
cmdsql.aspx
cmfshell.cmf
Code by Bin.aspx
code.php
ColdFusion.chm
Command.aspx
Command Execution (win32).jsp
Command Shell.php
commit-msg.sample
compat
Con7ext-Shell-V.2-l o l.php
config
config.aar
config.h
config.inc.php
configkillerionkros.php
config.m4
Confusion to encrypt php webshell.php
console.py
control
Coppermine Photo Gallery = 1.4.3 remote cmmnds xctn.php
COPYING
copyright
cpanel.php
CrystalShell.php
CrystalShell v.1.php
css1.jsp
css.jsp
Customize.asmx
customize.js
Customize.soap
cw.php
cybershell.php
Cyber Shell.php
Cyber Shell (v 1.0).php
CyberSpy5.Asp
d00r_py3.py
darkBC.py.txt
DAws.php
db_mysql.class.php
db_mysql_error.inc.php
dC3 Security Crew Shell PRiV.php
dC3_Security_Crew_Shell_PRiV.php
dC3_Security.php
dc.pl
DDoS attack.php
Deface Keeper 0.2.php
demo.gif
description
dev_core.php
devilzShell.asp
devilzShell.aspx
devilzShell.cgi
devilzShell.jsp
devilzShell.php
devshell.asp
devshell.cfm
devshell.md
Dive_Shell_1.0_Emperor_Hacking_Team.php
Dive Shell 1.0 - Emperor Hacking Team.php
Dive_Shell.php
DJ团队.asp
download 下载文件.asp
DTool Pro.php
DTool_Pro.php
Dx.php
easy-simple-php-webshell.php
Edited By KingDefacer.php
EgY_SpIdEr ShElL V2.php
Elmali Seker.asp
ELMALISEKER Backd00r.asp
Engineers Security (Private PHP Shell 2017).php
enum-ssh.py
erne.php
ex0shell.php
exampleOutput.csv
exclude
exim.pl
Expdoor.com ASP专用小马.asp
exp.php
fatal.php
FaTaL Shell v1.0 - Edited By KingDefacer.php
filesystembrowser.aspx
File upload.asp
fileupload.aspx
findsock.c
forever5pi.asp
format
from_the_wild1.php
fsmonitor-watchman.sample
ftpsearch.php
functions.c
functions.h
g00nshell-v1.3.php
Gamma Web Shell.cgi
Gamma Web Shell.php
Gamma_Web_Shell.php
gdog.py
get.php
GetShell.html
gfs_sh.php
GFS_web-shell.php
GFS web-shell ver 3.1.7 - PRiV8.php
GFS_web-shell_ver_3.1.7_-_PRiV8.php
gif87a.jpg
gif89a.asp
gif89a.jpg
.gitignore
.gitmodules
GO.cgi.pl
go-shell.php
GRP WebShell 2.0 release build 2018 (C)2006,Great.php
GRP_WebShell.php
G-Security-Webshell.php
h4ck_Door.asp
h4ntu_shell.php
h4ntu shell [powered by tsoi].php
h4ntu_shell_[powered_by_tsoi].php
hahahaha小马.JSp
handshake-84^%9F^%B5^%64^%32^%BB.cap
HEAD
hec.aspx
hector-uploader.php
hiddens_shell.php
hiddens shell v1.php
hideme.cpp
hkmjj.asp
hmass (priv8 mass defacor).pl
Hypn.ashx
I-47 v1.3.php
ice.cfm
icmpsh.exe
icmpsh-m.c
icmpsh-m.pl
icmpsh_m.py
icmpsh-s.c
img.jpg
iMHaPFtp.php
include.ashx
includer.php
includer.txt
inc.pl
index
inDEXER And ReaDer.asp
index.htm
index.php
indoxploit-mass-defacer.php
IndoXploit.php
I.N.F HACKING CENTER.asp
__init__.py
ironshell.php
jav-shellv1.1-maqlo.php
jca.php
JFIF.asp
JFIF.jpg
JFoler 1.0.jsp
jpg_payload.php
jshell ver 0.1.jsp
jshell ver 1.0.jsp
JSP Backdoor Reverse Shell.jsp
JspDo Code By Xiao.3.jsp
JspHelper Codz By - Leo.jsp
jsp.jpg
jspshell.jsp
JSP Shell 岁月联盟专用版本.jsp
JspSpy Codz By - Ninty_1.jsp
JspSpy Codz By - Ninty.jsp
JspSpy.jsp
jspspy.jspx
jspspy_k8.jsp
JspSpy Private Codz By - Ninty_encode.jsp
JspSpy Private Codz By - Ninty.jsp
Jspspy web~shell V1.0 ※MADE by 孤水绕城 QQ540410588.jsp
JspTqz.jsp
JspWebshell_1.2.php
JspWebShell By 绝对零度.asp
jspx.jspx
jspy.jsp
Jsp反弹shell.txt
JSRat.ps1
k2ll33d.php
ka0tic.pl
KAdot Universal Shell v0.1.6.php
KAdot_Universal_Shell_v0.1.6.php
KA_uShell 0.1.6.php
KA_uShell_0.1.6.php
Knull Shell.php
KOA ASP类 WebShell扫描工具.asp
kolang-bypass.php
kral.php
kuda-encoded.php
lamashell.php
lama's'hell v. 3.0.php
LICENSE
LICENSE.html
LICENSE.md
LICENSE.txt
license.zip
lifkaS.php
list.cer
list.cfm
listfile.php
list.pl
ListServlet.java
list.sh
litteryi.txt
litteryixx.ASP
livehack.py
liveterm.py
Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php
llehs.py
Loaderz WEB Shell.php
Loaderz_WEB_Shell.php
Loader'z WEB Shell v 0.1.0.2.php
load_shell.php
logger.py
logger小马.jsp
login.jsp
lolipop-encoded.php
lolipop.php
Lolipop.php - Edited By KingDefacer.php
lostDC-encoded.php
lostDC.php
lostDC shell.php
LOTFREE PHP Backdoor v1.5.php
lurm_safemod_on.cgi.pl
MackersPrivatePHPShell-encoded.php
Macker's Private PHPShell.php
Mackers_Private_Shell.php
make2.php
Makefile
MANIFEST.MF
master
matamu-encoded.php
Matamu Mat.php
matamu.php
megabor-encoded.php
megabor.php
Micro_Webshell.php
mima_abcd.jpg
mini.php
mmm.php
mod_joomla_shell.zip
mof提权带回显带清楚命令版本.php
moon_1php.php
MoroccanSpamersMa-EditioNByGhOsT-encoded.php
Moroccan Spamers Ma-EditioN By GhOsT.php
Moroccan_Spamers_Ma-EditioN_By_GhOsT.php
Moroccan_Spamers.php
MSF_README
msf_webacoo_module.rb
mssql.asp
mssql.aspx
MSSQL控制程序.asp
mycode12.cfm
myshell-encoded.php
myshell.php
MyShell.php
mysql.aspx
Mysql Database.jsp
Mysql interface v1.0.php
Mysql_interface_v1.0.php
MYSQL Manager -Asp.net Silic Group Hacker Army专用版本.aspx
mysql_tool.php
Mysql udf by M4ster.php
MySQL_Web_Interface.php
MySQL Web Interface Version 0.8.php
MySQL Web Shell.php
mysql脱库.php
navicat_tunnel.php
NCC-Shell-encoded.php
NCC-Shell.php
NCC Shell v1.0.0.php
NetworkFileManagerPHP.php
NGH-encoded.php
NGH.php
ngx_http_pwnginx.c
nobody-uploader.php
Non-alphanumeric.php
nshell-encoded.php
nshell.php
nShell v1.0.php
nsT View.php
NTDaddy v1.9.asp
NTDaddy v1.9.php
NTDaddy_v1.9.php
ntunnel_mysql.php
obfuscated-punknopass.php
one1.jsp
one.jsp
one.war
oo.jpg
openfire-test_plugin.zip
Oracle Database.jsp
oracle.jsp
oracle.txt
pack-0dc52c0081f0a5e15ac36dd3b67b08096466add8.idx
pack-0dc52c0081f0a5e15ac36dd3b67b08096466add8.pack
pack-6a5fbf3093c3c63aa794c842cf9da81dc956d2cd.idx
pack-6a5fbf3093c3c63aa794c842cf9da81dc956d2cd.pack
pack-9663d2056a711a277a7baac04d882d23f6efb993.idx
pack-9663d2056a711a277a7baac04d882d23f6efb993.pack
packed-refs
pas.php
Password Hasher for PHP Shell 2.1.php
paxmac.jspx
PcAnywhere提权 Bin版本.asp
perlcmd.cgi
perl-reverse-shell.pl
Perl Web Shell by RST-GHC.pl
PHANTASMA-encoded.php
PHANTASMA.php
php-backdoor-encoded.php
php-backdoor.php
Php Backdoor v 1.0 by ^Jerem.php
php-findsock-shell.php
php-include-w-shell.php
phpinfo.php
pHpINJ-encoded.php
pHpINJ.php
PHPJackal v1.9.php
php MySQL Database Backup Script.php
phppng.png
PHPRemoteView.php
php-reverse-shell.php
phpshell17.php
PhpShell 2.0.php
PHP-Shell-Detector-master.zip
PHPShell-encoded.php
PHP Shell.php
PHP_Shell.php
PhpSpy.php
PhpSpy Ver 2006.php
phpwebbackup.php
PHP Web Shell by oTTo.php
php-web-shell.php
php-webshells.txt
pHp一句话扫描脚本程序.php
PHP小马 - ExpDoor.com.php
PHP 搜索可读可写目录脚本.php
PHP整站打包程序-By DoDo.php
PHP检测文件夹权限.php
php版iisspy.php
php读取iis.php
PHVayv-encoded.php
PH Vayv.php
PH_Vayv.php
PHVayv.php
Phyton Shell.py
ping.c
PinoyLULZSecPrivateShell2017.php
pnbak.css
pnbak.js
PostgreSQL数据库操纵.php
post-update.sample
pps-v1.0.pl
pps-v3.0.pl
pps-v3.5.pl
pps-v4.0.pl
pre-applypatch.sample
pre-commit.sample
Predator-encoded.php
Predator.php
pre-merge-commit.sample
prepare-commit-msg.sample
pre-push.sample
pre-rebase.sample
pre-receive.sample
print.png
Private x0rg Web Hosting Bypass.php
punkholic.php
punk-nopass.php
pwnginx
pwnginx.c
pwnginx.h
pwnginx-master.zip
pwnshell - an interactive jsp shell.jsp
pws.php
pyspy.py
qsd-backdoor.php
qsd-php-backdoor.php
r00ts小组过防火墙马.asp
r00ts无FSO组建大马.asp
r57.biz Dq99Shell.php
r57_iFX.php
r57_kartal.php
r57_Mohajer22.php
r57.php
r57shell127.php
r57shell.php
r57shell v.1.42 - Edited By KingDefacer.php
radhat.asp
rcpexp.pl
README
readme.md
readme.MD
Readme.md
README.md
readme.txt
Readme.txt
RedHat Hacker.asp
RedHat Hacker.asp明文版.asp
reGeorg-master.zip
reGeorgSocksProxy.py
Remote Explorer.asp
remot shell.pl
requirements.txt
response_packet_from_icmpsh_slave_containing_output_of_command_whoami.png
reverseshell-poc.php
revsshclient.py
revsshserver.py
RHTOOLS 1.5 BETA(PVT).asp
RHTOOLS 1.5 BETA(PVT) Edited By KingDefacer.asp
robot.php
robots.php
rootshell.php
Rootshell.v.1.0-encoded.php
Rootshell.v.1.0.php
ru24_post_sh.php
rules
running_icmpsh_master_on_attacker_machine.png
running_icmpsh_slave_on_target.png
run.sh
s72_Shell.php
s72 Shell v1.0 Codinf by Cr@zy_King.php
s72 Shell v1.1 Coding.php
s72_Shell_v1.1_Coding.php
safe0ver.php
Safe0ver_Shell.php
Safe0verShell-SafeModBypassByEvilc0der-encoded.php
Safe0ver Shell -Safe Mod Bypass By Evilc0der.php
Safe mode breaker.php
Safe_Mode_Bypass.php
Safe_ModeBypassPHP4.4.2andPHP5.1.2-encoded.php
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php
Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php
scanner.php
sctp_reverse.py.txt
securityghost-priv-Zero5.php
Security House - Shell Center - Edited By KingDefacer.php
server1.php
server2.php
server.php
server.py
Server.py
Server Variables.asp
servlet-api-3.04.jar
Serv-U本地权限提升工具.php
setup.py
shell.ascx
Shell [ci] .Biz was here.php
shellcode_generate.py
Shell Commander.php
shell.jpg
shell.jsp
SHOR7CUTShellBETAKILLERencoded.php
sidedoor
sidedoor.default
sidedoor.dirs
sidedoor.docs
sidedoor.install
sidedoor.links
sidedoor.postinst
sidedoor.postrm
sidedoor.service
sidedoor.upstart
Silic Group_cgi.pl
Silic Group Hacker Army - BlackBap.Org.php
Silic Group.jsp
Silic Group php Webshell v3.php
Silic Group_readme.txt
simattacker.php
SimAttacker.php
SimAttacker - Version 1.0.0 - Edited By KingDefacer.php
SimAttacker-Version1.0.0-encoded.php
SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php
simple-backdoor.php
simple_cmd.php
Simple_PHP_backdoor_by_DK-encoded.php
Simple_PHP_backdoor_by_DK.php
simple-php-backdoor.php
Simple_PHP_backdoor.php
simple-upload.php
simple-uploadv2.php
Simple-Webshell.php
SimShell1.0-SimorghSecurityMGZ-encoded.php
SimShell 1.0 - Simorgh Security MGZ.php
SimShell_1.0_-_Simorgh_Security_MGZ.php
SimShell.php
Sincap1.0-encoded.php
Sincap 1.0.php
Sincap_1.0.php
SJavaWebManageV1.4.jsp
small.php
Small Shell - Edited By KingDefacer.php
SmallWebShellbyZaCo-encoded.php
Small Web Shell by ZaCo.php
Small_Web_Shell.php
smevk.php
smtpd.py
sniffer.php
SnIpEr_SA Shell.php
socket_live8.py
socks5.h
soldierofallah.php
sosyete.php
Sosyete Safe Mode Bypass Shell - Edited By KingDefacer.php
Spider PHP Shell (SPS-3.0).php
spjspshell.jsp
SPS-3.0免杀.php
spygrup.php
SQL.aspx
ssh_client_config_example
sshUsernameEnumExploit.py
SST Sheller.php
stdafx.h
STHx 渗透小组专用 ASP小马.asp
STNC WebShell v0.8.php
STNC_WebShell_v0.8.php
Stored Procedure Execute.aspx
stres.php
struct.py
Stupidc0de Shell (2017).php
sudoers
sure.php
sym.php
sys32.php
t57shell.php
telnet.cgi.pl
telnet.pl
test3693.war
test.ear
test_rsa.key
test.war
TNTHK加密小马.asp
toby57解析加密一句话木马.php
TODO
toolaspshell.php
toto
Tracker.txt
tryag.php
tunnel.ashx
tunnel.aspx
tunnel.js
tunnel.jsp
tunnel.php
tunnel.tomcat.5.jsp
udf.dll 专用网马.php
udpio.py
UnKnown 高级Vip防删收费版.asp
up.asp
update.sample
upfile_write.asp
upfile_write.rar
Uploader.php
Uploading.php
up.php
up.pl
UpServlet.java
up.sh
usage.txt
Utils.java
view.aspx
W3D Shell.php
webacoo.pl
WebAdmin 2.X Final.aspx
Webcommander by Cr4sh_aka_RKL v0.3.9 NGH edition.php
webllehs.py
Web Shell.asp
WebShell.cgi.pl
Web-shell (c)ShAnKaR.php
web-shell.php
WebShell.php
webshell.rb
WebShell系列(一)---XML.txt
WebSniff 1.0 Powered by C.C.T.aspx
Web Sniffer.aspx
web.xml
Welcome To AK Team.asp
wh_bindshell.py
WHO AM I - MZRP105 (Private PHP Shell).php
Win MOF Shell.php
WinX Shell.php
WinX_Shell.php
w-list.txt
wordpress backdoor.php
Wordpress Mass Defacer (FUD 2017).php
WordPress Shell.php
Worse Linux Shell.php
Worse_Linux_Shell.php
Worse Linux Shell.php.php
wp-conf.php
wp-conten1_pass_KoR345Ker78DSa.php
write_asp_file.ashx
write_aspx_file.ashx
WSO2.7 404 Error Web Shell.php
wso2.7.php
wso2.8.5.php
wso2.8.php
wso.aspx
wso-latest.php
wwwolf-webshell.php
www.zjjv.com.php
xl.cfm
xml.asp
xml.aspx
xml.php
xnonymoux_webshell_ver_1.0.php
xshock-0.1.tar.gz
xslt.asp
xslt.aspx
xslt.php
xssshell-xsstunnell.zip
xx.ashx
XXOO.jsp
xxooxx.aspx
xx.php
xx.png
xynu-Normal University.asp
z8VSmO1418105414843.jpg
zaco.php
zacosmall.php
zehir4.php
ZehirIV.asp
zend_config.w32.h
zip.func.php
ZoRBaCK Connect.php
ZyklonShell.php
上传小马.asp
上传小马.jsp
上传马.aspx
上传马.php
不灭之魂2013改进版本.asp
不灭之魂.asp
专版aspx汗血宝马.aspx
中国木马资源网- WwW.7jyewu.Cn.php
中国木马资源网-WwW.MumaSec.TK.php
从注册表中读存在路径.aspx
仗剑孤行搜索可读可写目录脚本.php
传说中的hcker.asp
传说中的草泥马4.0.asp
使用方法.txt
使用说明.txt
修改属性.asp
内网扫描header.jsp
内网探测.jsp
冰锋刺客.aspx
凝聚科技专用AspX大马 Bysunue.aspx
合成图片马命令.txt
啊D小工具 - 目录读写检测 [ASP版].asp
国外牛逼大马.aspx
图片马.jpg
土司搞基asp大马.asp
在线exp专用免杀版.php
在线数据库管理工具 1.5.asp
密码:889.asp
小强asp木马.asp
小红帽.asp
小马.jsp
很好用的扫可读可写目录asp脚本xwdir.asp
新型JSP小马支持上传任意格式文件.jsp
旁注 - 网站小助手.asp
星外-华众-新网-虚拟主机提权专用Webshell.asp
星外-华众-新网-虚拟主机提权专用Webshell Mumaasp.com发布.asp
木马帮V1.1-火舌版.asp
极其隐蔽的pHp小马穿插在正常页面中.php
法克僵尸大马.asp
海阳顶端网ASP木马@2006PLUS - By Marcos.asp
火狐NEW WebShell.asp
灭天远程管理.jsp
炽天使.asp
牛逼免杀提权隐藏大马.asp
目录扫描.asp
目录扫描读写马.asp
红狼ASP木马--Anfly免杀版.asp
老V.jsp
脱库工具.php
苦咖啡专用.jsp
草莓webshell.asp
菊花聊天室.php
虚拟主机提权专用Webshell去后门版.asp
虚拟机主机提权大马.asp
银河舰队大马_2014版.asp
银河舰队大马_2015专版asp大马.asp
零魂PHP一句话木马客户端.htm
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment