Web Implant Factory
Web shell deployment, phishing page cloning, and credential harvesting for red team operations.
What It Does
Generates obfuscated PHP web shells with authentication and anti-forensic features, creates credential harvesting pages that log credentials and forward users seamlessly, deploys shells through file upload, LFI, and deserialization vectors, and clones live login pages with instrumentation for credential capture. Pure Python/PHP/Flask — zero compilation.
Scripts
| Script | Description |
|---|---|
| panel_backdoor | Admin panel backdoor injection: adds hidden admin users, backdoors auth checks |
| credential_harvester | Credential harvesting page generation: logs credentials, forwards to real login |
| shell_deployer | Web shell deployment: PHP/ASPX/JSP shells, obfuscation, auth gating |
| phishing_cloner | Phishing page cloning: mirrors target login pages with credential capture hooks |
When to Use
Use when you have web application access and need to maintain persistence or capture credentials. Deploy panel_backdoor for admin panel persistence, credential_harvester for ongoing credential capture, or shell_deployer for command execution access.
Usage
RedTeamScript(skill="web-implant-factory", script="shell_deployer", args="--url https://target.com/upload.php --obfuscate --auth-password s3cur3")