https://github.com/pegasusmetasec/rce-pegasus

🦅 PEGASUS RCE - Fly Through WAF | WordPress Mass Exploiter | PHP Filter Chain Magic
https://github.com/pegasusmetasec/rce-pegasus

rce rce-classic-celgene-research rce-exploit rce-exploits rce-protection wp-plugin wpf-application

Last synced: 2 months ago
JSON representation

🦅 PEGASUS RCE - Fly Through WAF | WordPress Mass Exploiter | PHP Filter Chain Magic

• Host: GitHub
• URL: https://github.com/pegasusmetasec/rce-pegasus
• Owner: PegasusMetaSec
• License: agpl-3.0
• Created: 2026-04-16T16:56:50.000Z (2 months ago)
• Default Branch: main
• Last Pushed: 2026-04-16T19:11:17.000Z (2 months ago)
• Last Synced: 2026-04-16T19:25:55.643Z (2 months ago)
• Topics: rce, rce-classic-celgene-research, rce-exploit, rce-exploits, rce-protection, wp-plugin, wpf-application
• Language: Python
• Homepage:
• Size: 1.93 MB
• Stars: 1
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          




### *WordPress Backup Backup Plugin - Remote Code Execution Exploit*

[![Version](https://img.shields.io/badge/version-1.0-blue.svg)](https://github.com/yourusername/pegasus-rce)

[![Python](https://img.shields.io/badge/python-3.7+-green.svg)](https://www.python.org/downloads/)

[![License](https://img.shields.io/badge/license-MIT-red.svg)](LICENSE)

[![Status](https://img.shields.io/badge/status-stable-brightgreen.svg)]()



---

## 📋 Table of Contents

- [Overview](#-overview)

- [Features](#-features)

- [Prerequisites](#-prerequisites)

- [Installation](#-installation)

- [Usage](#-usage)

- [How It Works](#-how-it-works)

- [Technical Details](#-technical-details)

- [Configuration](#-configuration)

- [Disclaimer](#-disclaimer)

- [License](#-license)

- [Contributing](#-contributing)

---

## 🎯 Overview

**PEGASUS RCE** is a sophisticated penetration testing tool that exploits a Remote Code Execution vulnerability in the **WordPress Backup Backup plugin**. The tool leverages advanced PHP filter chain techniques to achieve arbitrary code execution on vulnerable WordPress installations.

> ⚠️ **IMPORTANT**: This tool is intended for authorized security testing and educational purposes only. Always obtain proper permission before testing any system.



---

## ✨ Features

| Feature | Description |

|---------|-------------|

| 🚀 **Multi-threading** | Concurrent scanning with up to 75 threads |

| 🔧 **PHP Filter Chains** | Advanced encoding bypass techniques |

| 🎲 **Randomized Payloads** | Dynamic filename generation to avoid detection |

| 🌈 **Colored Output** | Real-time visual feedback with colorama |

| 📁 **Results Export** | Automatic saving of successful shells |

| 🔄 **User-Agent Rotation** | Bypass basic WAF rules |

| 🛡️ **SSL Bypass** | Ignore SSL certificate validation |

| ⏱️ **Timeout Handling** | Prevent hanging requests |

---

# 💰 Premium Access – Bayar dengan Bitcoin atau Saweria

Halaman pembayaran sederhana untuk menerima donasi atau akses premium via **Bitcoin** dan **Saweria**.



  

    

  

    

  

    

  



https://github.com/user-attachments/assets/1441100c-3e39-45b6-8d36-19d69ac994a9

---

## 📦 Prerequisites

Before using PEGASUS RCE, ensure you have the following installed:

```bash

# Python 3.7 or higher

python --version

# Required Python packages

pip install requests

pip install colorama

pip install urllib3