uploadshells — a file transfer cheatsheet for labs and CTF

I was tired of manually replacing IPs and ports in transfer commands mid-engagement. So I built a static cheatsheet that does it for you — 48 methods, filterable by OS and direction, no backend.

Published: 2026-05-07
Updated: 2026-05-07
Category: pentest
📖 1 min read
pentest cheatsheet tools
uploadshells — a file transfer cheatsheet for labs and CTF

I built a file transfer cheatsheet for pentest and CTF

Every time I land a shell during a lab or a pentest engagement, the same question comes up: how do I get a file onto this machine, or pull something off it? The answer depends on what is available, Python, curl, PowerShell, netcat, and whether I need to push a payload to the victim or exfiltrate data back to my machine.

I have been keeping a personal list of commands for years. It worked, but it was slow. I had to open a file, find the right command, manually replace the IP, the port, and the filename, then paste it in. Every time. It is not a complex problem, but it adds up.

So I adapted my cheatsheet to fix it.

What it does

UploadShells is a static web cheatsheet that covers every file transfer technique I have needed across CTF platforms and real engagements. You set three values at the top (LHOST, LPORT, and filename) and every command on the page updates instantly with your values filled in. You click copy, you paste, you move on.

No backend. No login. No account. It runs entirely in the browser.

What it covers

The methods are grouped by protocol and tool:

  • HTTP servers — Python 2/3, PHP, Ruby, BusyBox, Node.js, a pure PowerShell listener
  • wget / curl — download, upload via POST and PUT
  • PowerShell — WebClient, Invoke-WebRequest, certutil, bitsadmin, Base64 one-liners
  • Netcat / Socat — send and receive in both directions, Base64 stream, tar and tar.gz over the wire, SSL-encrypted transfers with OpenSSL
  • SMB — Impacket smbserver (unauthenticated and authenticated), WebDAV via wsgidav
  • FTP — pyftpdlib server, non-interactive one-liner for cmd.exe
  • TFTP — atftpd, tftpy
  • SCP / SSH — pull, push, SFTP interactive session, rsync, cat pipe for when SCP is not available
  • Base64 / xxd — for when no network port is available and you need to paste encoded content through a terminal
  • Exfiltration — DNS tunneling via dnscat2, ICMP via icmpsh for when all TCP and UDP is filtered

Each entry shows two commands: one for the attacker machine and one for the victim. The labels make it clear which side does what.

If you spend time in Labs or do pentesting work, give it a try. The goal is simple: stop wasting time retyping the same commands, and have something reliable open in a tab when you need it.

Open uploadshells