name: SecLists Web-Shells
apm install @eyadkelleh/web-shells
[](https://apm-p1ls2dz87-atlamors-projects.vercel.app/packages/@eyadkelleh/web-shells)---
name: SecLists Web-Shells
description: Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing.
---
# SecLists Web-Shells
## Description
Web shell samples for detection and analysis: PHP, ASP, ASPX, JSP, Python, Perl shells. Use for security research and detection system testing.
**Source:** [SecLists/Web-Shells](https://github.com/danielmiessler/SecLists/tree/master/Web-Shells)
**Repository:** https://github.com/danielmiessler/SecLists
**License:** MIT
## When to Use This Skill
Use this skill when you need:
- Web shell detection testing
- Security monitoring validation
- Malware analysis
- IDS/IPS signature testing
- Forensics research
**⚠️ IMPORTANT:** Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.
## Key Files in This Skill
- `PHP shells - Common PHP web shells`
- `ASP/ASPX shells - Microsoft web shells`
- `JSP shells - Java server pages shells`
- `Python shells - Python-based shells`
- `Perl shells - Perl web shells`
## Usage Example
```python
# Access files from this skill
import os
# Example: Load patterns/payloads
skill_path = "references/Web-Shells"
# List all available files
for root, dirs, files in os.walk(skill_path):
for file in files:
if file.endswith('.txt'):
filepath = os.path.join(root, file)
print(f"Found: {filepath}")
# Read file content
with open(filepath, 'r', errors='ignore') as f:
content = f.read().splitlines()
print(f" Lines: {len(content)}")
```
## Security & Ethics
### Authorized Use Cases ✅
- Authorized penetration testing with written permission
- Bug bounty programs (within scope)
- CTF competitions
- Security research in controlled environments
- Testing your own systems
- Educational demonstrations
### Prohibited Use Cases ❌
- Unauthorized access attempts
- Testing without permission
- Malicious activities
- Privacy violations
- Any illegal activities
## Complete SecLists Collection
This is a curated subset of SecLists. For the complete collection:
- **Full repository:** https://github.com/danielmiessler/SecLists
- **Size:** 4.5 GB with 6,000+ files
- **All categories:** Passwords, Usernames, Discovery, Fuzzing, Payloads, Web-Shells, Pattern-Matching, AI, Miscellaneous
---
**Generated by Skill Seeker** | SecLists Web-Shells Collection
**License:** MIT - Use responsibly with proper authorization