For the past 9 years, Shellter has been widely used by many Infosec professionals with great results. So, here it is what people have to say about Shellter Pro and Shellter in general.
“Thank you for your work. Really a valuable addition to the Red Team toolset. Now even Cobalt Strike has value again.”
– Shellter Pro Plus Customer
“After 2 days of extensive testing against top EDRs I can say that Shellter is a killer beast. Of course many detections took place after loading due to bad post exploitation tooling and functionality but to my surprise Shellter’s backdoor was never really discovered. For all tests I used Cobalt Strike payloads injected in various executables and dlls. Loading of beacons to me became from one of the most painful problem to super easy and reliable process.”
– Shellter Pro Plus Customer
“I had heard such good things about Shellter from too many respected sources (friends that are smarter than me) I went straight to the Pro version, my view is that Shellter offers you time back that you may need to spend elsewhere, as a contractor I’m not just up against one collection of defence tools but each of my customers have made their own choices to how to defend, ShellterPro gives me the confidence that I’ll get my access opportunity.
I believe as it becomes more apparent how capable this tool is we will all see how modest Kyriakos has been with the pricing model. Shellter Pro is essential to my offensive exercises.”
John Carroll – CTU Security Ltd
“Shellter has always been my go to payload generator for conducting security tests. When I saw that a professional version was available I had to buy it. I use this tool so much that supporting the development of this project by buying the Pro version was a no brainer. The developers deserve getting paid for their fantastic work on this project.
I have used many tools over the years and Shellter stands way above the rest. Most other tools are un-detected for a short time but very quickly become useless as AV catches up. Shellter has always remained undetected and with the new features of the pro version I am sure the detection rates will remain very low.
There have been times when certain firewalls have blocked the second stage of the Meterpreter staged payloads but now with Shellter Pro you can use large stageless payloads and still remain undetected. Also, the ability to easily chain multiple payloads is priceless, often you have one shot to deliver and being able to chain multiple payloads means you can significantly increase your chances of success.
A big thank you to the Shellter team, keep up the great work!”
Tom Norfolk – IT Security Specialist
“Well worth the price! I was testing v3 (Shellter Pro) today with support for larger payloads. Used to use staged meterpreter payloads and 2nd stage would get blocked. Now we can use stageless meterpreter shellcode and it bypasses A/V that used to block it.”
Steve Campbell aka @lpha3ch0 – Security Consultant
“Shellter allows you to forget about AVs and EndPoint products all at once, so you know that your backdoored binary will bypass them. This allows you to focus on persistence and lateral movement, rather than worrying if your payload was caught or not.
I’m a big fan of the the multi-payload functionality of Shellter Pro since it allows you to have multiple reverse connections on both DNS, HTTP and HTTPS protocols: this helps a lot on hardened enviroments with strict egress traffic rules.
The tool is flexible enough to be used on both Linux via Wine or directly on Windows, and can be used by both skilled hackers to customize options or in auto-mode.
Last but not least, the fact you can choose between one-liners (great for API integration) or interactive mode gives you maximum freedom on how you use it.
In other words when doing Red Teaming, Phishing or Internals and your targets are Windows boxes, you need Shellter Pro.”
Michele Orru’ aka @antisnatchor – Pentester/Red Teamer & Beef Framework Core Developper.
“Shellter takes a very elegant approach to evade detection that is proven to be successful against both AVs and humans.
This tool is ideal for security professionals who truly care about understanding how things work and want to save time in getting their payloads in the right place.”
Francisco Ribeiro aka @blackthorne – Principal Offensive Security Engineer
“Shellter Pro cuts through AVs like a hot knife through butter!
It is an essential tool in any pentester or red teamer arsenal for evading the AVs in engagements.
It *IS* the state of the art in evasion techniques, and ensures that you don’t have to worry whether your binary will get flagged by AVs, because it surely will not.
Simple enough to use, but with enough options for more complex requirements.
Get it now, or you’ll regret you didn’t the next time your binary is quarantined.”
Bruno Morisson aka @morisson – Penetration Testing Services Director / BSidesLisbon founder
“On many occasions, I was faced with Antivirus software bypass in order to be able to compromise further the targets.
The outstanding work on Shellter has significantly contributed to achieving my goals and had an excellent and effective impact on my infrastructure and red teaming assignments.
Therefore, I highly recommend using the Shellter Pro Edition in your projects.”
Spiros Fraganastasis aka @m3g9tr0n – IT Security Consultant.
“Tested Shellter against every protection we had, McAfee Endpoint, Viewfinity, McAfee Web Gateway and many others. All PWNED!
Even had the chance to test an exe I made with Shellter on some new machine learning AV solutions @ BHUSA 2016.
Long story short- PWNED! Good luck AV world!”
Eddie Rios – Senior IT Security Analyst
“Have been using Shellter for some time now. The options available are definitely what is required for successful AV evasion.
Many options to match the needs per case. Embedded options for payloads but also the ability for custom payload use, make it quite flexible.
In addition it is quite easy to use so the AV bypass process doesn’t take time. Awesome tool !!!”
Anna Manousaki – Senior IT Security Consultant
“From what we’ve seen at TestmyAV.com, Shellter is setting the benchmark for creating the hardest PEs for AV to catch.”
Carl Gottlieb aka @CarlGottlieb – Consulting Director, TestmyAV.com (AMTSO member)
“It’s powerful, comprehensive and totally reliable. Every time I needed to bypass an AV, Shellter did the job!!!! And with so many options and functionality, there is no way you can’t get the job done.
Definitely the best tool out there…”
Kyprianos Vasilopoulos – Principal IT Security Consultant
“Nowadays, real word AV evasion tools are not silver bullet, but at this moment I think Shellter is the best choice.
The real evasion rank (not VirustTotal style websites) is very high. At the present, in my engagements it is the first tool that I try if I need to bypass AV.”
Guglielmo Scaiola aka @S0ftwarGS – Senior Security Consultant
“Sometimes you only have one chance to get a user to execute a payload. This is were I turned to Shellter.
This is one of the only solutions I have been able to use that doesn’t get detected by AV and allows multiple payloads to be chained in the same PE.
Because of all the available customizations, Shellter is the most powerful AV evasion tool out there today! Shellter is now my go-to tool when I need to evade AV!”
Ricky Freeman aka @f0rkb0mbed – Pen Tester and Technical
Security Consultant
“Coming from a contorted and unpredictable DIY process, ShellterPro suddenly became my tool of choice when i need to bypass AV/EPP.
Multiple payloads functionality also helps when you want to be sure that the endpoint will reach your metasploit host, or at least to try more than one way.
Give it a chance, you won’t go back.
Plus: it’s almost priceless.”
Sandro Zaccarini aka guly – Security Consultant
Disclaimer
We do not support nor condone illegal activities in any shape or form. This software is offered with the sole purpose to assist ethical hackers in their daily jobs during Penetration Testing and/or Red Team engagements. The author of this software and INSAINTED LTD assume no responsibility for any unlawful actions taken and any damages caused by using this software.