Pop shells like a master
Shell pop is all about popping shells. With this tools you can
generate easy and sofisticated reverse or bind shell commands
to help you during penetration tests.
Don't wast more time with .txt files storing your Reverse shells!
root@kali# python setup.py install
To quickly list all available options of this tools, use --help.
user@pc$ shellpop --help
You can list all available shellpop shells using the --list option.
user@desktop$ shellpop --list
There is two types of payloads in this program: Bind or Reverse.
Reverse shells use your attacker machine to serve as the "server". In this type of payload, you need both --host and --port pointing back to your machine. A handler must be set.
Bind shells use the remote host to serve the connection. In this type of payload, all you need is the --port option with a valid port number.
Encoders are special options that you can use while generating shellpop payloads.
There are, currently, three encoding methods that can be applied singularly, or concurrently, and they are:
Uses a random numeric key (1-255) to obfuscate the payload and add a decryption stub to decrypt it.
Simple base64 encoding in payload data and add a decryption stub to decrypt it.
Simple URL encode over the final payload.



Currently there is support of two protocols to land your shells:

This code is authored by Andre Marques (@zc00l) and this project's contributors.
It is made open to public the moment it was released in this github.
Any damage caused by this tool don't make any contributor, including the author, of responsibility.
$ claude mcp add ShellPop \
-- python -m otcore.mcp_server <graph>