⚠️ Educational Purpose OnlyThis project demonstrates the fundamentals of reverse shell communication using Python sockets. It is intended solely for learning networking concepts, penetration testing in authorized lab environments, and cybersecurity education.
Do NOT use this project on systems you do not own or have explicit permission to test.
This project implements a basic reverse shell using Python's socket library. The client establishes an outbound TCP connection to the server, allowing the server to send commands and receive command output.
The project was developed to better understand:
- TCP socket programming
- Client-server communication
- Command execution
- Reverse shell concepts
- Defensive detection techniques
- TCP client-server communication
- Reverse connection from client to server
- Remote command execution
- Receive command output
- Multiple command execution
- Simple terminal interface
- Lightweight implementation using Python
Backdoor-reverseShell-Python/
│
├── backdoor.py # Reverse shell client
├── server.py # Listener/server
├── requirements.txt
└── README.md
- Python 3.10+
- Windows or Linux
Install dependencies:
pip install -r requirements.txt- Start the server.
- Configure the client with the server's IP address and port.
- Run the client.
- The client connects back to the server.
- The server sends commands.
- The client executes the commands locally.
- Command output is returned to the server.
+-------------+ TCP Connection +-------------+
| Client | ----------------------------------> | Server |
| (Target VM) | | (Listener) |
+-------------+ +-------------+
^ |
| |
+------------ Command Output -----------------------+
- Python
- Socket Programming
- Subprocess Module
- TCP Networking
This project helped me understand:
- Socket programming fundamentals
- Reverse shell architecture
- TCP communication
- Remote command execution
- Network-based malware behavior
- Defensive detection opportunities
Reverse shells are commonly detected by security tools through:
- Outbound connections to suspicious IP addresses
- Unusual parent-child process relationships
- PowerShell or CMD spawned by unknown processes
- Endpoint Detection and Response (EDR)
- Firewall monitoring
- Network Intrusion Detection Systems (IDS)
- Security Information and Event Management (SIEM)
Understanding how reverse shells operate helps defenders recognize and respond to malicious activity.
This project is intentionally simple and does not include:
- Encryption
- Persistence
- Privilege escalation
- Obfuscation
- Authentication
- Stealth techniques
- Evasion mechanisms
The focus is on learning networking concepts rather than creating a sophisticated tool.
This repository is provided strictly for educational purposes.
The author does not encourage or support unauthorized access, malicious activity, or illegal use of this software. Always obtain proper authorization before conducting any security testing.