{
	"id": "1b2537e0-aec5-4fae-989e-6bd3bc4c21e5",
	"created_at": "2026-04-06T00:09:41.201878Z",
	"updated_at": "2026-04-10T03:24:29.300542Z",
	"deleted_at": null,
	"sha1_hash": "b95218395b69cd664890b3c027db2db474e8a057",
	"title": "WebShell/reGeorg-master at master · xl7dev/WebShell",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 45500,
	"plain_text": "WebShell/reGeorg-master at master · xl7dev/WebShell\r\nBy xl7dev\r\nArchived: 2026-04-05 23:01:37 UTC\r\n _____ ______ __|___ |__ ______ _____ _____ ______\r\n | | | ___|| ___| || ___|/ \\| | | ___|\r\n | \\ | ___|| | | || ___|| || \\ | | |\r\n |__|\\__\\|______||______| __||______|\\_____/|__|\\__\\|______|\r\n |_____|\r\n ... every office needs a tool like Georg\r\nwillem@sensepost.com / @_w_m__\r\nsam@sensepost.com / @trowalts\r\netienne@sensepost.com / @kamp_staaldraad\r\nVersion\r\n1.0\r\nDependencies\r\nreGeorg requires Python 2.7 and the following modules:\r\nurllib3 - HTTP library with thread-safe connection pooling, file post, and more.\r\nUsage\r\n$ reGeorgSocksProxy.py [-h] [-l] [-p] [-r] -u [-v]\r\nSocks server for reGeorg HTTP(s) tunneller\r\noptional arguments:\r\n -h, --help show this help message and exit\r\n -l , --listen-on The default listening address\r\n -p , --listen-port The default listening port\r\n -r , --read-buff Local read buffer, max data to be sent per POST\r\n -u , --url The url containing the tunnel script\r\n -v , --verbose Verbose output[INFO|DEBUG]\r\nStep 1. Upload tunnel.(aspx|ashx|jsp|php) to a webserver (How you do that is up to you)\r\nStep 2. Configure your tools to use a socks proxy, use the ip address and port you specified when you\r\nstarted the reGeorgSocksProxy.py\r\n** Note, if your tools, such as NMap, don't support socks proxies, use proxychains (see wiki)\r\nStep 3. Hack the planet :)\r\nExample\r\n$ python reGeorgSocksProxy.py -p 8080 -u http://upload.sensepost.net:8080/tunnel/tunnel.jsp\r\nLicense\r\nMIT\r\nSource: https://github.com/xl7dev/WebShell/tree/master/reGeorg-master",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://github.com/xl7dev/WebShell/tree/master/reGeorg-master"
	],
	"report_names": [
		"reGeorg-master"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434181,
	"ts_updated_at": 1775791469,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b95218395b69cd664890b3c027db2db474e8a057.pdf",
		"text": "https://archive.orkl.eu/b95218395b69cd664890b3c027db2db474e8a057.txt",
		"img": "https://archive.orkl.eu/b95218395b69cd664890b3c027db2db474e8a057.jpg"
	}
}