Skip to content
A simple script that automates generation of OpenSSL reverse shells
Branch: master
Clone or download
TheSecondSun Merge pull request #4 from kisec/master
Fix typo & Modify certificates deletion function
Latest commit bd64eca Jul 20, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information. Initial Commit Jul 14, 2019
revssl.png Initial Commit Jul 14, 2019 Modify certificates deletion function Jul 16, 2019
screenshot.png Initial Commit Jul 14, 2019


A simple Bash script that makes generation of OpenSSL reverse shells painless

Table of Contents


Revssl was created mainly to automate the OpenSSL reverse shell idea from here, and pack it into a single script. It can generate agents both for Linux and Windows, providing a secure and encrypted remote control channel. I am still working on OSX implementation. This code isn't perfect, so feel free to open new issues and contribute :D


usage: revssl [-h] [-i] [-e <encryption>] [-d <days>] [-l <lhost>]
              [-p <lport>] [-k <keyname>] [-c <certname>] [-p <platform>]
              [-o] [-n <outfile>] [-s <domain>] [-r]
 -h     Show help message
 -i     Initiate listener in OpenSSL
 -e <encryption>
        Choose encryption type (default: rsa:4096)
 -d <days>
        Set certificates lifetime
 -l <lhost>
        Set listening host (default:
 -p <port>
        Set listening port (default: 443)
 -k <keyname>
        Set name of generated key file (default: key.pem)
 -c <certname>
        Set name of generated cert file (default: cert.pem)
 -p <platform>
        Select agent platform (windows or linux, default: linux)
 -s <domain>
        Domain name for Windows Powershell agent (default:
 -o     Write agent to a file
 -n <outfile>
        Select name of the agent file (default: openssl_revshell)
 -r     Remove generated certificates after established session




This software is under MIT License

You can’t perform that action at this time.