chrispetrouchrispetrou
248

HRShell

screenshot of HRShell
flask

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Github

Overview

HRShell is an advanced reverse shell solution designed with a focus on stealth and security, utilizing the HTTP(S) protocol for communication. Built with Flask and compatible with Python 3.x, it has undergone extensive testing on various operating systems, including Linux distributions, macOS, and Windows. Its secure nature is enhanced through TLS support, making it a robust choice for users needing a reliable reverse shell that also prioritizes encrypted communication.

This tool not only provides essential shell functionalities but also offers the flexibility to perform actions like shellcode injection and directory navigation. With its compatibility across different platforms and the ease of extending functionality, HRShell stands out as a comprehensive solution for developers and cybersecurity professionals.

Features

  • Stealthy Operation: HRShell uses HTTP(S) for communication, ensuring minimal detection by security systems, with optional diskless operation when configured correctly.
  • TLS Support: Offers the ability to use on-the-fly certificates for encrypted communication, enhancing security against interception.
  • Shellcode Injection: Allows for shellcode injection directly into processes with support for migrating to different process IDs (PIDs), offering flexibility in exploitation scenarios.
  • Cross-Platform Compatibility: Supports a range of platforms including Windows (x86 and x64) and both 32-bit and 64-bit Unix systems, with more platforms coming soon.
  • Extended Command Utilization: Supports various command executions including downloads, uploads, screenshots, and hex commands, along with pipelining and chained command execution for efficient task management.
  • Interactive Command History: Provides an interactive history command on Unix systems, enhancing usability during remote sessions.
  • Multiple Server Options: Comes with built-in support for Flask and Tornado-WGI servers, as well as compatibility with other popular production servers like Gunicorn and Nginx.
  • Easily Extensible: The design allows for easy extension of functionalities, making it straightforward to write clients in other programming languages such as Java and Go.
flask
Flask

Flask is a lightweight and popular web framework for Python, known for its simplicity and flexibility. It is widely used to build web applications, providing a minimalistic approach to web development with features like routing, templates, and support for extensions.