Packages that exploit or open backdoors on already vulnerable systems.

Tool count: 37

BlackArch backdoor
Name Version Description Homepage
aesshell 0.7 A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport.
azazel 14.e6a12a2 A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit.
backcookie 51.6dabc38 Small backdoor using cookie.
backdoor-factory 200.14b87fa Patch win32/64 binaries with shellcode.
backdoorme 308.f9755ca A powerful utility capable of backdooring Unix machines with a slew of backdoors.
backdoorppt 86.b044ccf Transform your payload.exe into one fake word doc (.ppt).
cymothoa 1 A stealth backdooring tool, that inject backdoor's shellcode into an existing process.
debinject 40.88b7824 Inject malicious code into *.debs.
dr0p1t-framework 43.ce7c04a A framework that creates a dropper that bypass most AVs, some sandboxes and have some tricks.
dragon-backdoor 7.c7416b7 A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c.
enyelkm 1.2 Rootkit for Linux x86 kernels v2.6.
exe2image 1.1 A simple utility to convert EXE files to JPEG images and vice versa.
gobd 81.e64b5a5 A Golang covert backdoor.
harness 19.ed2a6aa Interactive remote PowerShell Payload.
hotpatch 0.2 Hot patches executables on Linux using .so file injection.
jynx2 2.0 An expansion of the original Jynx LD_PRELOAD rootkit
kimi 23.1d7a5e6 Script to generate malicious debian packages (debain trojans).
ld-shatner 4.5c215c4 ld-linux code injector.
meterssh 18.9a5ed19 A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection.
ms-sys 2.5.3 A tool to write Win9x-.. master boot records (mbr) under linux - RTM!
phishery 14.5743953 An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector.
pyrasite 2.0 Code injection and introspection of running Python processes.
revsh 215.174e309 A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
rrs 1.70 A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more.
rubilyn 0.0.1 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host.
shellinabox 428.98e6eeb Implements a web server that can export arbitrary command line tools to a web based terminal emulator.
shootback 56.73cdc12 A reverse TCP tunnel let you access target behind NAT or firewall.
syringe 1.9786f35 A General Purpose DLL & Code Injection Utility.
trixd00r 0.0.1 An advanced and invisible userland backdoor based on TCP/IP for UNIX systems.
tsh 0.6 An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.
tsh-sctp 2.850a2da An open-source UNIX backdoor.
u3-pwn 2.0 A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install.
unicorn-powershell 101.a6893c5 A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.
webacoo 0.2.3 Web Backdoor Cookie Script-Kit.
webshells 22.2aaa41e Web Backdoors.
webspa 0.8 A web knocking tool, sending a single HTTP/S to run O/S commands.
weevely 801.cd8ce1c Weaponized web shell.