Penelope vs Weevely
GitHub Stats
About Penelope
Penelope is an advanced shell handler designed to replace netcat as the go-to reverse shell listener during penetration tests. Written in Python with zero external dependencies, it automatically upgrades received shells to fully interactive PTYs with tab completion, history, and job control - eliminating the manual 'python -c import pty' dance. Penelope handles multiple simultaneous shell sessions with a clean interface for switching between them, provides built-in file upload and download without needing to set up separate transfer servers, automatically logs all session activity for reporting, and can generate reverse shell payloads for various platforms and languages. It supports encrypted shells, can spawn listeners on multiple ports, and includes a command history searchable across sessions.
About Weevely
Weevely generates small, polymorphic PHP backdoors that blend into legitimate application code. Once deployed, the client connects to the shell over HTTP/HTTPS and provides over 30 post-exploitation modules including file management, command execution, database access, network pivoting, privilege escalation, and credential stealing. Communications are obfuscated within normal-looking HTTP parameters, making detection difficult. Weevely supports SQL console access, TCP tunneling through the compromised host, bruteforce attacks from the target, and system information gathering. It acts as a full post-exploitation framework through a single PHP file.
Platform Support
Tags
Penelope only
Weevely only