Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2025 All Rights Reserved.

Home
Category
EtherGhost

EtherGhost

新一代Webshell管理器，兼容蚁剑与冰蝎的PHP webshell

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Penetration Testing
Vulnerability Disclosure
Web Security

Tags

Open Source
Encryption
Penetration Testing

More Products

image of Phantom

DevSecOps ToolsPenetration TestingVulnerability Scanners

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security Auditing Open Source Incident Response Vulnerability Scanning API Security+1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Prompt Injection Open Source API Security Security Testing LLM Security+1

EtherGhost

EtherGhost is a next-generation webshell manager compatible with AntSword and IceScorpion PHP webshells. It provides a user-friendly interface and simplifies the management of webshells in various penetration scenarios.

Key Features:

Compatibility: Supports common one-liner webshells and integrates with AntSword and IceScorpion webshells.
Strong Encryption: Built-in RSA2048 + AES256-CBC encryption to prevent replay attacks and traffic analysis.
User-Friendly: B/S architecture allows users to connect via a local browser, minimizing the risk of local machine infection.
File Management: Asynchronous file upload and download capabilities.
Customizable: Supports custom encoders and decoders, allowing for integration with AntSword's ecosystem.
Traffic Obfuscation: Plans to implement traffic obfuscation to disguise webshell traffic as legitimate uploads.

Benefits:

Enhanced Security: Strong encryption and traffic management features enhance the security of webshell operations.
Flexibility: Users can choose between various installation methods, including direct source execution and packaging.
Community Support: Open-source nature encourages contributions and improvements from the community.

Highlights:

Installation Options: Available for Windows and Linux with multiple installation methods.
Active Development: Regular updates and feature enhancements based on user feedback and security needs.
Educational Purpose: Designed for educational and research purposes, emphasizing responsible use in authorized security testing.