finds.dev← search

// the find

0dayCTF/reverse-shell-generator

★ 3,997 · JavaScript · MIT · updated Apr 2026

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

A browser-based UI for generating reverse shell one-liners across bash, Python, PowerShell, PHP, and a dozen other runtimes. The hosted version at revshells.com is the actual product — the repo is mostly the source behind it. Aimed squarely at CTF players and pentesters who want to stop hunting through cheatsheets mid-engagement.

Covers an unusually wide range of shells including HoaxShell integration for HTTP-based C2, which most similar tools skip. URI and Base64 encoding built in saves the extra manual step when you're working with a WAF. Docker support means you can run a local instance air-gapped from revshells.com if your engagement requires it. LocalStorage persistence means your IP/port config survives a browser refresh.

The JS stack is vanilla jQuery + Bootstrap 4 with vendored assets in the repo — nothing about this codebase is modern or maintainable, and adding new shell types means hand-editing js/data.js. No test coverage whatsoever, so a contributed shell template that subtly breaks encoding goes in undetected. The obfuscation transformer is a bizarre inclusion for an open-source security tool — it obscures client-side code but adds zero security value and makes contributions harder to audit. Self-hosting requires Netlify CLI for the raw-link server function to work; plain nginx won't cut it.

View on GitHub → Homepage ↗

// want more like this?

We dig through GitHub every week and send a few repos picked for what you actually care about — each with an honest take like this one.

Get finds in your inbox → Search again →