Welcome to another quick article! I will be showing you where to access information on shells like Netcat, PHP, python and more. I am going to try and not reinvent the wheel here as there are plenty of articles online on how and where to use these shells. They will come in use in the real world as well as if you are practicing for the OSCP or having fun with HacktheBox!

We will start with Netcat.A very popular usage of Netcat and probably the most common use from penetration testing perspective are reverse shells and bind shells. A reverse shell is a shell initiated from the target host back to the attack box which is in a listening state to pick up the shell.

Simply put, Netcat is a telnet that you can use in scripts. Plus it can be used as a simple listener if you want. It is not encrypted.


Hacking-tutorials has a great article to get started at http://www.hackingtutorials.org/networking/hacking-with-netcat-part-1-the-basics/

In order to not reinvent the wheel on what or how these shells are used, here are some following link that will be helpful.

http://www.rubyguides.com/2012/07/socat-cheatsheet/
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
https://github.com/infodox/python-pty-shells
https://github.com/JohnTroony/php-webshells
http://www.gnucitizen.org/blog/reverse-shell-with-bash/
http://pentestmonkey.net/tools/web-shells/php-reverse-shell
http://bernardodamele.blogspot.com/2011/09/reverse-shells-one-liners.html
http://resources.infosecinstitute.com/icmp-reverse-shell/#gref
https://ababians.wordpress.com/wordpress-blog-hacking/uploading-shell-in-wordpress/
https://netsec.ws/?p=337 -- spawing a tty shell
https://netsec.ws/?p=33 --creating metasploit payloads then catching shells

Enjoy!