aesshell|0.7|A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport.|https://packetstormsecurity.com/files/132438/AESshell.7.html azazel|12.16ca8ac|A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit.|https://github.com/chokepoint/azazel backcookie|45.35fb0a3|Small backdoor using cookie.|https://github.com/mrjopino/backcookie backdoor-factory|172.d4de862|Patch win32/64 binaries with shellcode.|https://github.com/secretsquirrel/the-backdoor-factory backdoorme|193.1a31041|A powerful utility capable of backdooring Unix machines with a slew of backdoors.|https://github.com/Kkevsterrr/backdoorme cymothoa|1|A stealth backdooring tool, that inject backdoor's shellcode into an existing process.|http://cymothoa.sourceforge.net/ dragon-backdoor|7.c7416b7|A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c.|https://github.com/Shellntel/backdoors enyelkm|1.2|Rootkit for Linux x86 kernels v2.6.|http://www.enye-sec.org/programas.html gobd|81.e64b5a5|A Golang covert backdoor.|https://github.com/razc411/GoBD hotpatch|0.2|Hot patches executables on Linux using .so file injection.|http://www.selectiveintellect.com/hotpatch.html jynx2|2.0|An expansion of the original Jynx LD_PRELOAD rootkit|http://www.blackhatlibrary.net/Jynx2 meterssh|10.ebb6f4e|A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection.|https://github.com/trustedsec/meterssh ms-sys|2.5.3|A tool to write Win9x-.. master boot records (mbr) under linux - RTM!|http://ms-sys.sourceforge.net/ pyrasite|2.0|Code injection and introspection of running Python processes.|http://pyrasite.com/ rrs|1.70|A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more.|http://www.cycom.se/dl/rrs rubilyn|0.0.1|64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host.|http://nullsecurity.net/tools/backdoor.html stegolego|8.85354f6|Simple program for using stegonography to hide data within BMP images.|https://github.com/razc411/StegoLeggo syringe|1.9786f35|A General Purpose DLL & Code Injection Utility.|https://github.com/securestate/syringe trixd00r|0.0.1|An advanced and invisible userland backdoor based on TCP/IP for UNIX systems.|http://nullsecurity.net/tools/backdoor.html tsh|0.6|An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.|http://packetstormsecurity.com/search/?q=tsh tsh-sctp|2.850a2da|An open-source UNIX backdoor.|https://github.com/infodox/tsh-sctp u3-pwn|2.0|A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install.|http://www.nullsecurity.net/tools/backdoor.html unicorn|36.a81fdf2|A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.|https://github.com/trustedsec/unicorn webacoo|0.2.3|Web Backdoor Cookie Script-Kit.|https://bechtsoudis.com/webacoo/ webshells|14.112ea8c|Web Backdoors.|https://github.com/BlackArch/webshells webspa|0.8|A web knocking tool, sending a single HTTP/S to run O/S commands.|http://sourceforge.net/projects/webspa/ weevely|688.10b3af9|Weaponized web shell.|http://epinna.github.io/Weevely/