PhpSploit - Full-featured C2 framework


PhpSploit is a Full-featured C2 framework which silently persists on webserver via evil PHP oneliner. Built for stealth persistence, with many privilege-escalation & post-exploitation features.


How to get this tool

To use this tool, please use a method listed below.

In a Linux (Debian OS), run the following command(s).

git clone

cd phpsploit

pip3 install -r requirements.txt


Download directly from the following link:


How to execute

./phpsploit --interactive --eval "help help"





Next steps:


This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA.

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.