reddit hackernews mail facebook facebook linkedin


A modular multi-language webshell.

Kraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and is core is developed in Python.

Kraken follows the principle of "avoiding command execution" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.

Although its main use is focused on offensive purposes (e.g. red teams, internal pentest), it is possible to use it by blue teams to evaluate existing defensive tools and configurations.