Packages that exploit or open backdoors on already vulnerable systems.


Tool count: 48

BlackArch backdoor
Name Version Description Homepage
aesshell 0.7 A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport.
azazel 15.a41fbb5 A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit.
backcookie 51.6dabc38 Small backdoor using cookie.
backdoor-factory 210.0c53045 Patch win32/64 binaries with shellcode.
backdoorme 308.f9755ca A powerful utility capable of backdooring Unix machines with a slew of backdoors.
backdoorppt 88.d0e7f91 Transform your payload.exe into one fake word doc (.ppt).
cymothoa 1 A stealth backdooring tool, that inject backdoor's shellcode into an existing process.
debinject 43.d884309 Inject malicious code into *.debs.
donut 501.61af8cc Generates x86, x64 or AMD64+x86 P.I. shellcode loading .NET Assemblies from memory.
dr0p1t-framework 44.db9bc2d A framework that creates a dropper that bypass most AVs, some sandboxes and have some tricks.
dragon-backdoor 7.c7416b7 A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c.
eggshell 157.eaeeea7 iOS/macOS/Linux Remote Administration Tool.
enyelkm 1.2 Rootkit for Linux x86 kernels v2.6.
evilpdf 5.43696a8 Embedding executable files in PDF Documents.
exe2image 1.1 A simple utility to convert EXE files to JPEG images and vice versa.
gobd 82.3bbd17c A Golang covert backdoor.
harness 19.ed2a6aa Interactive remote PowerShell Payload.
hotpatch 90.fd2baf1 Hot patches executables on Linux using .so file injection.
icmpsh 12.82caf34 Simple reverse ICMP shell.
jynx2 2.0 An expansion of the original Jynx LD_PRELOAD rootkit
k55 86.b3c4aa9 Linux x86_64 Process Injection Utility.
kimi 28.e7cafda Script to generate malicious debian packages (debain trojans).
kwetza 26.0e50272 Python script to inject existing Android applications with a Meterpreter payload.
ld-shatner 4.5c215c4 ld-linux code injector.
linux-inject 100.268d4e4 Tool for injecting a shared object into a Linux process.
meterssh 18.9a5ed19 A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection.
microsploit 9.441e132 Fast and easy create backdoor office exploitation using module metasploit packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow.
ms-sys 2.8.0 A tool to write Win9x- master boot records (mbr) under linux - RTM!
nxcrypt 32.6ae06b5 Python backdoor framework.
phishery 14.5743953 An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector.
pwncat 0.1.2 Bind and reverse shell handler with FW/IDS/IPS evasion, self-inject and port-scanning.
pyrasite 2.0 Code injection and introspection of running Python processes.
revsh 215.174e309 A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
rrs 1.70 A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more.
rubilyn 0.0.1 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host.
shellinabox 428.98e6eeb Implements a web server that can export arbitrary command line tools to a web based terminal emulator.
shootback 83.cab462c A reverse TCP tunnel let you access target behind NAT or firewall.
silenttrinity 293.08b1c61 An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR.
syringe 12.79a703e A General Purpose DLL & Code Injection Utility.
trixd00r 0.0.1 An advanced and invisible userland backdoor based on TCP/IP for UNIX systems.
tsh 0.6 An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.
tsh-sctp 2.850a2da An open-source UNIX backdoor.
u3-pwn 2.0 A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install.
unicorn-powershell 212.5421d46 A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.
villain v2.2.0.r7.g58a8c02 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features and share them among connected sibling servers.
vlany 255.9ef014a Linux LD_PRELOAD rootkit (x86 and x86_64 architectures).
webacoo 0.2.3 Web Backdoor Cookie Script-Kit.
webspa 0.8 A web knocking tool, sending a single HTTP/S to run O/S commands.