security-webshells

GitHub

提供多种语言Web shell样本,用于授权的安全检测、IDS/IPS签名测试、恶意软件分析及取证研究。仅限渗透测试、漏洞赏金、CTF及教育用途,严禁非法访问。

skills/security-webshells/SKILL.md Eyadkelleh/awesome-skills-security

Trigger Scenarios

Web shell检测测试 安全监控验证 恶意软件分析 IDS/IPS签名测试 取证研究

Install

npx skills add Eyadkelleh/awesome-skills-security --skill security-webshells -g -y
More Options

Use without installing

npx skills use Eyadkelleh/awesome-skills-security@security-webshells

指定 Agent (Claude Code)

npx skills add Eyadkelleh/awesome-skills-security --skill security-webshells -a claude-code -g -y

安装 repo 全部 skill

npx skills add Eyadkelleh/awesome-skills-security --all -g -y

预览 repo 内 skill

npx skills add Eyadkelleh/awesome-skills-security --list

SKILL.md

Frontmatter
{
    "name": "security-webshells",
    "description": "Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing."
}

SecLists Web-Shells

Description

Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing.

Source: SecLists/Web-Shells Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

  • Web shell detection testing
  • Security monitoring validation
  • Malware analysis
  • IDS/IPS signature testing
  • Forensics research

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

  • PHP shells - Common PHP web shells
  • ASP/ASPX shells - Microsoft web shells
  • JSP shells - Java server pages shells
  • Python shells - Python-based shells
  • Perl shells - Perl web shells

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Web-Shells"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

  • Authorized penetration testing with written permission
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Testing your own systems
  • Educational demonstrations

Prohibited Use Cases ❌

  • Unauthorized access attempts
  • Testing without permission
  • Malicious activities
  • Privacy violations
  • Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:


Generated by Skill Seeker | SecLists Web-Shells Collection License: MIT - Use responsibly with proper authorization

Version History

  • ae26985 Current 2026-07-05 11:57

Same Skill Collection

skills/llm-testing/SKILL.md
skills/security-fuzzing/SKILL.md
skills/security-passwords/SKILL.md
skills/security-patterns/SKILL.md
skills/security-payloads/SKILL.md
skills/security-usernames/SKILL.md

Metadata

Files
0
Version
ae26985
Hash
1840a72b
Indexed
2026-07-05 11:57

Accueil - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-08 20:54
浙ICP备14020137号-1 $Carte des visiteurs$