hoaxshell vs Penelope
GitHub Stats
About hoaxshell
Hoaxshell is an unconventional Windows reverse shell that uses HTTP(S) traffic for communication, designed to be fully undetectable by Microsoft Defender. Developed in Python, it leverages web-based traffic to evade traditional detection mechanisms, making it suitable for stealthy penetration testing and red team activities. Hoaxshell is notable for its unique approach to bypassing endpoint security solutions.
About Penelope
Penelope is an advanced shell handler designed to replace netcat as the go-to reverse shell listener during penetration tests. Written in Python with zero external dependencies, it automatically upgrades received shells to fully interactive PTYs with tab completion, history, and job control - eliminating the manual 'python -c import pty' dance. Penelope handles multiple simultaneous shell sessions with a clean interface for switching between them, provides built-in file upload and download without needing to set up separate transfer servers, automatically logs all session activity for reporting, and can generate reverse shell payloads for various platforms and languages. It supports encrypted shells, can spawn listeners on multiple ports, and includes a command history searchable across sessions.
Platform Support
Tags
Shared
hoaxshell only
Penelope only