security-webshells

GitHub

提供多种语言Web shell样本,用于授权的安全检测、IDS/IPS签名测试、恶意软件分析及取证研究。仅限渗透测试、漏洞赏金、CTF及教育用途,严禁非法访问。

skills/security-webshells/SKILL.md Eyadkelleh/awesome-skills-security

触发场景

Web shell检测测试 安全监控验证 恶意软件分析 IDS/IPS签名测试 取证研究

安装

npx skills add Eyadkelleh/awesome-skills-security --skill security-webshells -g -y
更多选项

不安装直接使用

npx skills use Eyadkelleh/awesome-skills-security@security-webshells

指定 Agent (Claude Code)

npx skills add Eyadkelleh/awesome-skills-security --skill security-webshells -a claude-code -g -y

安装 repo 全部 skill

npx skills add Eyadkelleh/awesome-skills-security --all -g -y

预览 repo 内 skill

npx skills add Eyadkelleh/awesome-skills-security --list

SKILL.md

Frontmatter
{
    "name": "security-webshells",
    "description": "Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing."
}

SecLists Web-Shells

Description

Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing.

Source: SecLists/Web-Shells Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

  • Web shell detection testing
  • Security monitoring validation
  • Malware analysis
  • IDS/IPS signature testing
  • Forensics research

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

  • PHP shells - Common PHP web shells
  • ASP/ASPX shells - Microsoft web shells
  • JSP shells - Java server pages shells
  • Python shells - Python-based shells
  • Perl shells - Perl web shells

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Web-Shells"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

  • Authorized penetration testing with written permission
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Testing your own systems
  • Educational demonstrations

Prohibited Use Cases ❌

  • Unauthorized access attempts
  • Testing without permission
  • Malicious activities
  • Privacy violations
  • Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:


Generated by Skill Seeker | SecLists Web-Shells Collection License: MIT - Use responsibly with proper authorization

版本历史

  • ae26985 当前 2026-07-05 11:57

同 Skill 集合

skills/llm-testing/SKILL.md
skills/security-fuzzing/SKILL.md
skills/security-passwords/SKILL.md
skills/security-patterns/SKILL.md
skills/security-payloads/SKILL.md
skills/security-usernames/SKILL.md

元信息

文件数
0
版本
ae26985
Hash
1840a72b
收录时间
2026-07-05 11:57

首页 - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-13 22:45
浙ICP备14020137号-1 $访客地图$