A
reverse shell connects from the target back to the attacker's listener — bypassing firewalls and NAT that block inbound connections.
Target → attacker (reverse). Attacker → target (bind shell — requires inbound port open). Reverse shells bypass outbound filtering only if the port is allowed (443/80 best). Listeners: nc -lvnp 4444. Metasploit handler: use multi/handler. Encrypted shells (socat, meterpreter) evade cleartext inspection.