Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

aeondave/revshellgen

Name: revshellgen
Author: aeondave

offensive-tools/shells/revshellgen/SKILL.md

npx skillsauth add aeondave/malskill revshellgen

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

RevShellGen

Modern interactive reverse-shell generator with payload selection, encoding options, and built-in listener assistance.

Quick Start

# install
pip install revshellgen

# run interactive workflow
revshellgen

# alt source install
git clone https://github.com/t0thkr1s/revshellgen
cd revshellgen
pip3 install -r requirements.txt
python3 revshellgen.py

Why RevShellGen

Compared to static cheat sheets, RevShellGen provides:

interface-driven payload selection
runtime-friendly shell catalog (bash/python/powershell/socat/etc.)
URL/Base64 encoding options
automatic clipboard copy
listener helper behavior in one workflow

Typical Operator Flow

Select local callback IP (auto-detected interfaces shown)
Set callback port
Choose payload family by target runtime
Choose encoding only if injection context requires it
Copy generated command
Start/verify listener
Execute payload on target

Payload Family Selection

| Target runtime | Suggested payload | |---|---| | Linux with bash + /dev/tcp | bash | | Python available, shell constrained | python | | Netcat with mkfifo possible | netcat mkfifo | | Socat available | socat / socat tty | | Windows cmd/powershell context | powershell |

PTY Upgrade (Linux targets)

After callback shell:

python3 -c 'import pty; pty.spawn("/bin/bash")'
# Ctrl+Z
stty raw -echo; fg
export TERM=xterm
stty rows 50 cols 180

OPSEC Guidance

Use non-default callback ports in monitored environments.
Prefer shortest payload that works for current foothold.
Avoid unnecessary encoding unless required by exploit channel.
Clear command artifacts where engagement scope allows cleanup.

Integration Patterns

Use with revshells for web-based fast fallback payloads.
Use with shellerator when bind/webshell mode is explicitly needed.
Use with reverse-ssh or pwncat to stabilize fragile initial shells.

Resources

| File | When to load | |---|---| | references/workflow-and-payload-mapping.md | Deep selection strategy, troubleshooting broken payloads, and listener reliability tips |

aeondave/revshellgen

offensive-tools/shells/revshellgen/SKILL.md

Auth/lab ref: Interactive Python reverse-shell generator with auto listener setup, encoding support, and shell-type selection.

4 stars

development

Updated Jun 8, 2026

$ install --global

skillsauth

npx skillsauth add aeondave/malskill revshellgen

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 8, 2026, 4:04 AM162.9s2 files scanned

SKILL.md

name:: revshellgen
description:: Auth/lab ref: Interactive Python reverse-shell generator with auto listener setup, encoding support, and shell-type selection.
license:: GPL-3.0
compatibility:: Python 3.6+; Linux/macOS.
author:: AeonDave
version:: 1.0

RevShellGen

Modern interactive reverse-shell generator with payload selection, encoding options, and built-in listener assistance.

Quick Start

# install
pip install revshellgen

# run interactive workflow
revshellgen

# alt source install
git clone https://github.com/t0thkr1s/revshellgen
cd revshellgen
pip3 install -r requirements.txt
python3 revshellgen.py

Why RevShellGen

Compared to static cheat sheets, RevShellGen provides:

interface-driven payload selection
runtime-friendly shell catalog (bash/python/powershell/socat/etc.)
URL/Base64 encoding options
automatic clipboard copy
listener helper behavior in one workflow

Typical Operator Flow

Select local callback IP (auto-detected interfaces shown)
Set callback port
Choose payload family by target runtime
Choose encoding only if injection context requires it
Copy generated command
Start/verify listener
Execute payload on target

Payload Family Selection

PTY Upgrade (Linux targets)

After callback shell:

python3 -c 'import pty; pty.spawn("/bin/bash")'
# Ctrl+Z
stty raw -echo; fg
export TERM=xterm
stty rows 50 cols 180

OPSEC Guidance

Use non-default callback ports in monitored environments.
Prefer shortest payload that works for current foothold.
Avoid unnecessary encoding unless required by exploit channel.
Clear command artifacts where engagement scope allows cleanup.

Integration Patterns

Use with revshells for web-based fast fallback payloads.
Use with shellerator when bind/webshell mode is explicitly needed.
Use with reverse-ssh or pwncat to stabilize fragile initial shells.

Resources

| File | When to load | |---|---| | references/workflow-and-payload-mapping.md | Deep selection strategy, troubleshooting broken payloads, and listener reliability tips |

Related Skills

aeondave/vibe-audit-technique

development

VerifiedTrustedCommunity

White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).

4SKILL.mdUpdated Jun 12, 2026

aeondave/vibe-audit-technique

aeondave/source-review-technique

development

VerifiedTrustedCommunity

Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.

4SKILL.mdUpdated Jun 12, 2026

aeondave/source-review-technique

aeondave/hardware-technique

development

VerifiedTrustedCommunity

Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.

4SKILL.mdUpdated Jun 12, 2026

aeondave/hardware-technique

aeondave/container-technique

devops

VerifiedTrustedCommunity

Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.

4SKILL.mdUpdated Jun 12, 2026

aeondave/container-technique

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/aeondave/malskill.git

# Copy into Claude Code skills folder (global)
cp -r malskill/offensive-tools/shells/revshellgen ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

aeondave/malskill

4 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT