Pentest Tools no image

Published on May 13th, 2016 📆 | 1632 Views ⚑


RSPET – Python Reverse Shell and Post Exploitation Tool

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
  • Remote Command Execution
  • Trafic masking (XORed insted of cleartext); for better results use port 443[1]
  • Built-in File/Binary transfer (both ways) over the masked trafic
  • Built-in UDP Flooding tool
  • Built-in UDP Spoofing tool[2]
  • Multiple/All Hosts management; order File/Binary transfer and UDP Flood from Multiple/All connected Hosts
  • Modular Code Design to allow easy customization[3]
  • Client script is tested and is compatible with PyInstaller (can be made into .exe)[4]
*[1]The idea for XORing as well as the skeleton for the client came from so if you like this pack of scripts you'll probably love what they do
*[2]UDP Spoofing uses RAW_SOCKETS so in order to utilize it, the client has to run on an OS that supports RAW_SOCKETS (most Unix-Based) and with root privilages. Finally, most of the ISPs have implementations in place that will either drop or re-structure spoofed packets
*[3]See EXPANDING for how you can easily add new functionality and customize RSPET to your needs
*[4]Again check's perfect blogpost about producing an .exe


  • or is situated at the attacker's machine and running to accept connections
  • or is situated in the infected machine(s) and will initiate the connection and wait for input.

[adsense size='1']

  • Server:
python (max_connections) 

max_connections defaults to 5 if left blank

  • Client:
python server_ip

Many changes can be made to fit individual needs.
As always if you have any suggestion, bug report or complain feel free to contact me.


  • Fix logic bug where if a dirrect command to Host OS has no output Server displays command not recognised
  • Fix logic bug where if a dirrect command's to Host OS execution is perpetual the Server deadlocks
  • Add client version and type (min or full) as a property when client connects and at List_Hosts
  • Add client update mechanism (being worked on)
  • Add UDP Reflection functionality (already in the workings)


Download RSPET

Comments are closed.