ENNAENNA

Weevely

GPL-3.0

๐Ÿ”ฅ Offensive Ops ยท Python

Weevely generates small, polymorphic PHP backdoors that blend into legitimate application code. Once deployed, the client connects to the shell over HTTP/HTTPS and provides over 30 post-exploitation modules including file management, command execution, database access, network pivoting, privilege escalation, and credential stealing. Communications are obfuscated within normal-looking HTTP parameters, making detection difficult. Weevely supports SQL console access, TCP tunneling through the compromised host, bruteforce attacks from the target, and system information gathering. It acts as a full post-exploitation framework through a single PHP file.

3.5kstars
631forks
17issues
Updated 6mo ago
+I use this
View on GitHub

Installation

$ git clone https://github.com/epinna/weevely3.git && cd weevely3 && pip install -r requirements.txt

Use Cases

  • Maintaining persistent access via PHP web shell
  • Post-exploitation through compromised web servers
  • Network pivoting through web application layer
  • Covert command execution through HTTP parameters

Tags

webshellphppost-exploitationbackdoorpivoting

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
Python
Repository
epinna/weevely3
License
GPL-3.0
Platforms
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Links

GitHub Repository

github.com/epinna/weevely3

Releases

github.com/epinna/weevely3/releases

Issues

github.com/epinna/weevely3/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

pwncat

Python

Post-exploitation platform and target management. Automatic privesc, persistence, file transfer - the smart reverse shell.

Compare Weevely vs pwncat

Penelope

Python

Advanced reverse shell handler. Auto-upgrades shells to PTY, handles multiple sessions, with built-in file transfer and logging.

Compare Weevely vs Penelope

PHPSploit

Python

Stealth post-exploitation C2 framework tunneled through PHP web servers.

Compare Weevely vs PHPSploit

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound