Penelope icon
Penelope icon

Penelope

Penelope is a modern shell handler for penetration testers and CTF players. It provides a more capable alternative to basic netcat listeners, adding automatic PTY upgrades, session management, logging, file transfers and helper modules.

Penelope screenshot 1

Cost / License

Platforms

  • Linux
  • BSD
  • FreeBSD
  • Mac
  • Python
Penelope screenshot 1
Penelope screenshot 2
+2
Penelope screenshot 3
0likes
0comments
0alternatives
0articles

Features

  1.  Python-based
  2.  Penetration Testing
  3.  Port Forwarding

Penelope News & Activities

Highlights All activities

Recent activities

Penelope information

  • Developed by

    GR flagbrightio
  • Licensing

    Open Source (GPL-3.0) and Free product.
  • Written in

  • Alternatives

    0 alternatives listed
  • Supported Languages

    • English

AlternativeTo Categories

Network & AdminSystem & Hardware

GitHub repository

  •  1,867 Stars
  •  216 Forks
  •  3 Open Issues
  •   Updated  
View on GitHub
Penelope was added to AlternativeTo by Paul on and this page was last updated .
No comments or reviews, maybe you want to be first?

What is Penelope?

Penelope is a modern shell handler for penetration testers and CTF players. It provides a more capable alternative to basic netcat listeners, adding automatic PTY upgrades, session management, logging, file transfers and helper modules.

Session features:

  • Auto-upgrade shell
  • Real-time terminal resize
  • Logging shell activity
  • Download remote files/folders
  • Upload local/HTTP files/folders
  • In-memory local/HTTP script execution with real-time output downloading
  • Local port forwarding
  • Spawn shells on multiple tabs and/or hosts
  • Auto-maintain N active shells per host (re-spawn on death)

Global features:

  • Streamline interaction with the targets via modules
  • Multiple sessions
  • Multiple listeners
  • Serve files/folders via HTTP (-s switch)
  • Can be imported by python3 exploits and get shell on the same terminal
  • Can work in conjunction with Metasploit exploits by disabling the default handler with set DisablePayloadHandler True
  • Expose live sessions to an MCP client like Claude Code with the --mcp switch (local HTTP, token-authenticated), driving the same shells alongside you

Official Links