Blog
Articles, guides, and updates.
A plain-English explanation of how reverse shells work, why they beat bind shells through firewalls, and how a reverse shell generator saves you from copy-paste mistakes.
The common bash reverse shell one-liners explained line by line, why they need bash (not sh), and how to fall back when /dev/tcp is missing.
How the python reverse shell one-liner works with socket and pty, why the python/python3 split breaks payloads, and a version-agnostic fallback.
How the netcat reverse shell works, why most modern nc builds dropped the -e flag, and the mkfifo and ncat alternatives that replace it.
How a PHP reverse shell works on a compromised web app, the fsockopen and proc_open variants, and what to do when exec is disabled.
How reverse shells work on Windows targets, the PowerShell TCPClient one-liner versus dropping nc.exe, and how to get an interactive console.
A quick-reference reverse shell cheat sheet — bash, python, php, powershell and netcat one-liners, the listener to catch them, and the TTY upgrade — with links to the full guide for each.
How to generate a reverse shell with msfvenom, the difference between staged and stageless payloads, and why your nc listener catches one but not the other.
How a socat reverse shell gives you a fully interactive PTY out of the box, plus the encrypted OPENSSL variant — when socat is available on the target.