reddit hackernews mail facebook facebook linkedin


Generate reverse shell payloads on the fly.

LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shell payloads on the fly.

The reverse shell payloads that LAZYPARIAH supports include (but are not limited to):
- C binary payloads (compiled on the fly): c_binary
- Ruby payloads: ruby, ruby_b64, ruby_hex, ruby_c
- Powershell payloads: powershell_c, powershell_b64
- Base64-encoded Python payloads: python_b64
- Rust binary payloads (compiled on the fly): rust_binary
- PHP scripts containing base64-encoded Python payloads called via the system() function: php_system_python_b64
- Java classes (compiled on the fly): java_class
- Perl payloads: perl, perl_b64, perl_hex, perl_c
- Simple PHP payloads (targeting specific file descriptors): php_fd, php_fd_c, php_fd_tags