revshell.work
For authorized testing & lab environments only.Use only on systems you own or are explicitly contracted to assess. Unauthorized access is illegal.
About the project

Built for the people on the right side of the engagement

RevShell.work is a focused reference tool maintained byIron Lattice Labs, a small independent security collective. It exists to save red teamers, CTF players, and students the tedium of remembering payload syntax — nothing more.

What it is

A single-purpose generator and reference for reverse-shell one-liners. Everything runs client-side: you type a listener address, pick a shell, and the correct command is assembled in your browser. There is no backend, no payload database call, and no account.

  • Offline by design. No external scripts, fonts, or analytics. Load it once and it works on an air-gapped lab laptop.
  • No telemetry. We never see your LHOST, your ports, or which payloads you generate. There is nothing to see.
  • Transparent logic. Every template is plain text substituted with your values — no obfuscation, no surprises.

Responsible use

Reverse shells are a normal, legitimate part of authorized security testing. They are also, used without permission, a crime in nearly every jurisdiction. The distinction is consent, in writing, before you act.

Use this tool only when all of the following are true

  1. You own the target system, or you hold explicit written authorization to test it.
  2. Your activity falls inside the agreed scope, time window, and rules of engagement.
  3. You are operating in a lab, CTF, or contracted assessment — not against systems you simply have access to.
  4. You will report findings responsibly and avoid collateral impact.

If you cannot point to the document that authorizes your test, you do not have authorization. Stop.

Who it is for

  • Penetration testers working a sanctioned engagement who need a payload fast.
  • CTF and lab players on platforms where intentionally vulnerable machines are provided for practice.
  • Blue teams and educators studying how these payloads look on the wire in order to detect them.

Learn the defense, too

Understanding offense is half the picture. If you are building detection, study how each payload appears in process trees and egress logs — an outbound connection from bash to a high port, a powershell -enc with a long blob, apython3 -c opening a socket. Thereference doubles as a detection checklist.

Contact

Found an incorrect payload or want to suggest one? Reach the maintainers at team@example-labs.test. We respond to verified security reports first.