Channel: Backdoor – Security List Network™

redsails – a post-exploitation tool for bypassing host-based security monitoring and logging.


RedSails is a Python-based post-exploitation project aimed at bypassing host-based security monitoring and logging.
A post-exploitation tool capable of:
+ maintaining persistence on a compromised machine
+ subverting many common host event logs (both network and account logon)
+ generating false logs / network traffic
Based on [PyDivert](https://github.com/ffalcinelli/pydivert), a Python binding for WinDivert, a Windows kernel driver that allows user-mode applications to capture, modify or drop network packets sent to or from the Windows network stack.

Built for Windows operating systems newer than Vista and Windows 2008 (including Windows 7, Windows 8 and Windows 10).
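Because the tool depends on the WinDivert kernel driver, a defender can inventory registered system drivers and flag that driver. The following PowerShell check is an added example, not part of the redsails or PyDivert projects; it assumes the driver keeps its default "WinDivert" naming in its service name or image path.

```powershell
# Added example: list kernel drivers whose service name or image path
# mentions WinDivert. Assumption: the driver uses its default naming;
# a renamed driver binary would need a different check (e.g. file hash).
function Find-WinDivertDriver {
    [CmdletBinding()]
    param([string]$Pattern = '*WinDivert*')

    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.Name -like $Pattern -or $_.PathName -like $Pattern } |
        Select-Object Name, State, StartMode, PathName
}

$hits = @(Find-WinDivertDriver)
if ($hits.Count -eq 0) {
    Write-Output 'No WinDivert driver registered on this host.'
} else {
    # WinDivert is also used by legitimate networking tools, so treat a hit
    # as a lead to triage (install source, owning process), not as proof.
    Write-Output 'WinDivert driver present; verify its origin:'
    $hits | Format-Table -AutoSize
}
```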


Dependencies:
+ Python 2.7.x
+ pydivert, pbkdf2 and pycrypto Python libraries
+ PyCrypto may have a dependency on the [Microsoft Visual C++ Compiler for Python 2.7](http://aka.ms/vcpython27)

Usage:

git clone https://github.com/BeetleChunks/redsails && cd redsails
pip install pydivert pbkdf2
easy_install pycrypto

python redSails.py <ip address> <445>
cd client
python redSailsClient.py <ip address> <445>

Source: https://github.com/BeetleChunks

