🐚 Reverse Shell Generator - Command-line tool for generating reverse shell payloads across 19 languages with 66+ tested variants.
Author: Supun Hewagamage
GitHub: @supunhg
License: All Rights Reserved (see LICENSE)
This tool is designed for authorized security testing and educational purposes only. Users are responsible for complying with applicable laws and regulations. Unauthorized access to computer systems is illegal.
- 🚀 19 Languages: Python, Bash, PHP, Perl, Ruby, Node.js, PowerShell, Java, Go, Lua, Socat, Curl, Wget, and more
- 🎯 66 Variants: Multiple tested shell variants for each language
- 🔒 Encoding: Base64, URL, Hex, Unicode encoding support
- 🎭 Obfuscation: 3-level obfuscation for evasion
- 💾 Presets: Save and reuse configurations
- 🎨 Rich Output: Syntax highlighting and beautiful formatting
- 📋 Clipboard: Auto-copy shells to clipboard
- 🔧 Listeners: Generate nc, socat, pwncat listener commands
- 🎮 Auto-Listener: Launch listener sessions from interactive mode
- 📚 Interactive: Guided wizard for easy generation
- 🌐 Offline: Works completely offline
- Python 3.8 or higher
- pip package manager
Recommended for system-wide installation:
git clone https://github.com/supunhg/ShellHooks-CLI.git
cd ShellHooks-CLI
./scripts/build_deb.sh
sudo dpkg -i shellhooks-cli_1.1.0_all.debThis installs:
- Executable:
/usr/local/bin/shellhooks - Man page:
/usr/share/man/man1/shellhooks.1 - Documentation:
/usr/share/doc/shellhooks-cli/
To uninstall:
sudo dpkg -r shellhooks-cligit clone https://github.com/supunhg/ShellHooks-CLI.git
cd ShellHooks-CLI
python3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txt
pip install -e .shellhooks --version
man shellhooks # View man pageFor faster usage, ShellHooks supports short aliases:
g→generatei→interactivel→list
Examples:
shellhooks g python -i 10.0.0.1 -p 4444
shellhooks i
shellhooks l --language bashUse -nb or --no-banner before the subcommand:
shellhooks -nb list
shellhooks --no-banner interactive
shellhooks -nb g python -i 10.0.0.1 -p 4444# Basic shell generation
shellhooks generate python -i 10.0.0.1 -p 4444
# With encoding
shellhooks generate bash -i 192.168.1.100 -p 9001 --encode base64
# Copy to clipboard
shellhooks generate php -i 10.0.0.1 -p 4444 --clipboard
# Save to file
shellhooks generate perl -i 10.0.0.1 -p 4444 --output shell.pl# Launch interactive wizard
shellhooks interactiveThe interactive mode guides you through:
- Language selection (with fuzzy search)
- Version and variant selection
- IP and port configuration
- Advanced options (encoding, obfuscation, SSL)
- Output options (display, clipboard, file)
# List all shells
shellhooks list
# List shells for specific language
shellhooks list --language python
# Search shells
shellhooks list --search socket# Basic netcat listener
shellhooks listener -p 4444
# Ncat with SSL
shellhooks listener -p 4444 --tool ncat --ssl
# Show all listener options
shellhooks listener -p 4444 --all
# Include PTY upgrade instructions
shellhooks listener -p 4444 --pty-upgrade# Save a preset
shellhooks preset save "lab-python" python -i 10.0.0.1 -p 4444
# Load and use a preset
shellhooks preset load "lab-python"
# List all presets
shellhooks preset list
# Delete a preset
shellhooks preset delete "lab-python"shellhooks generate <language> [OPTIONS]
Options:
-i, --ip TEXT Target IP address [required]
-p, --port INTEGER Target port (default: 4444)
-V, --version TEXT Language version
-v, --variant TEXT Shell variant
-e, --encode [none|base64|url|hex|unicode]
Encoding method
-o, --obfuscate INTEGER Obfuscation level (0-3)
--ssl Use SSL/TLS for listener
-O, --output PATH Output file path
-l, --listener Show listener command
-c, --clipboard Copy to clipboard
-s, --save-preset TEXT Save as presetshellhooks interactiveThe interactive mode provides a guided wizard with the following features:
- Language Selection: Fuzzy search through all available languages
- Variant Selection: Browse and select from language-specific variants
- IP & Port Entry: Input validation with helpful error messages
- Advanced Options: Optional encoding, obfuscation, and SSL configuration
- Output Actions:
- Display on screen
- Copy to clipboard automatically
- Save to file
- Display and copy to clipboard
- Start netcat listener session (launches in new terminal)
- All-in-one: Display, copy, and start listener
- Listener Tool Selection: Choose from nc, ncat, socat, pwncat, rlwrap, or metasploit
- Preset Saving: Optionally save configuration for later reuse
New in v1.1.0:
- The shell payload is always displayed regardless of output action selected, ensuring you can copy it before starting the listener
- Auto-start listener feature automatically detects and launches your preferred terminal emulator (gnome-terminal, xterm, konsole, or terminator) with a ready-to-use listener
- Command aliases (
g,i,l) for faster workflow --no-banner/-nbflag to suppress ASCII banner
shellhooks list [OPTIONS]
Options:
-l, --language TEXT Filter by language
-s, --search TEXT Search by keywordshellhooks listener [OPTIONS]
Options:
-p, --port INTEGER Listening port (default: 4444)
-t, --tool [nc|ncat|socat|pwncat|metasploit|rlwrap]
Listener tool
--ssl Use SSL/TLS
--pty-upgrade Show PTY upgrade instructions
-a, --all Show all listener options# Save preset
shellhooks preset save <name> <language> -i <ip> -p <port> [OPTIONS]
# Load preset
shellhooks preset load <name> [OPTIONS]
# List presets
shellhooks preset list
# Delete preset
shellhooks preset delete <name>shellhooks cheatsheet [OPTIONS]
Options:
-l, --language TEXT Language for cheatsheet
-o, --output PATH Output file| Language | Icon | Variants | Description |
|---|---|---|---|
| Python | 🐍 | 7 | Standard, Short, IPv6, Oneliner, Windows |
| Bash | 🐚 | 7 | TCP, UDP, Exec, FIFO, Read Line |
| Shell (sh) | 📜 | 2 | Standard, Telnet |
| Netcat | 🔌 | 7 | Traditional, mkfifo, OpenBSD, Ncat, UDP |
| Telnet | 📞 | 2 | Standard, Mknod |
| Socat | 🔗 | 4 | Standard, PTY, TTY, SSL/TLS |
| PHP | 🐘 | 6 | exec, shell_exec, system, passthru, proc_open |
| Perl | 🐪 | 4 | Standard, No /bin/sh, Windows, Short |
| Ruby | 💎 | 4 | Standard, Bash, No /bin/sh, Windows |
| Node.js | 💚 | 5 | Standard, Bash, Short variants, Windows |
| Java | ☕ | 3 | Runtime, Simple, Groovy |
| PowerShell | ⚡ | 5 | TCP, Simple, Short, Nishang, Download |
| AWK | 🦅 | 1 | Standard |
| Go | 🐹 | 1 | Standard |
| Lua | 🌙 | 2 | Standard, LuaSocket |
| OpenSSL | 🔐 | 1 | Encrypted |
| Xterm | 🖥️ | 1 | X11 |
| Curl | 🌐 | 2 | Bash, Python |
| Wget | 📥 | 2 | Bash, Python |
Total: 19 languages, 66 variants
# 1. Generate a Python reverse shell with base64 encoding
shellhooks generate python -i 192.168.1.100 -p 4444 --encode base64 --clipboard
# 2. Set up listener
shellhooks listener -p 4444 --pty-upgrade
# 3. After connection, upgrade PTY using the displayed commands# Save lab environment preset
shellhooks preset save "internal-lab" python -i 10.10.10.50 -p 4444 --encode base64
# Save external engagement preset
shellhooks preset save "external" bash -i 203.0.113.10 -p 443
# Quick generation from presets
shellhooks preset load "internal-lab" --clipboard# Generate multiple shells and save to files
shellhooks generate python -i 10.0.0.1 -p 4444 -O shells/python.py
shellhooks generate bash -i 10.0.0.1 -p 4444 -O shells/bash.sh
shellhooks generate php -i 10.0.0.1 -p 4444 -O shells/php.phpShellHooks-CLI/
├── src/shellhooks/ # Main package
│ ├── cli.py # CLI interface
│ ├── generator.py # Shell generator
│ ├── templates.py # Template engine
│ ├── encoder.py # Encoding utilities
│ ├── validator.py # Input validation
│ ├── listener.py # Listener generation
│ ├── presets.py # Preset management
│ └── ui/ # UI components
├── tests/ # Unit tests
├── src/data/ # Shell templates
└── docs/ # Documentation
source venv/bin/activate
python tests/run_tests.pyThis tool generates payloads for authorized penetration testing only. Misuse of this tool for unauthorized access is illegal and unethical. The author assumes no liability for misuse.
This project is proprietary software. Contributions, modifications, and redistribution are not permitted without explicit written permission from the author.
For issues or questions:
- Man Page:
man shellhooks - GitHub Issues: ShellHooks-CLI/issues
- Contact: supunhg (GitHub)
Shell templates derived from publicly available security research and documentation including PayloadsAllTheThings, PentestMonkey, GTFOBins, and the offensive security community.
Copyright © 2025 Supun Hewagamage. All Rights Reserved.
This software is proprietary and confidential. Unauthorized copying, modification, distribution, or use is strictly prohibited. See LICENSE for details.
Made with 🔒 by Supun Hewagamage