RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging.
A post-exploitation tool capable of:
+ maintaining persistence on a compromised machine
+ subverting many common host event logs (both network and account logon)
+ generating false logs / network traffic
Based on [PyDivert] (https://github.com/ffalcinelli/pydivert), a Python binding for WinDivert, a Windows driver that allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack.
Built for Windows operating systems newer than Vista and Windows 2008 (including Windows 7, Windows 8 and Windows 10).
Dependencies:
+ Python 2.7.x
+ pydivert, pbkdf2 and pycrypto python library
+ Pycrypto may have a dependency on [Microsoft Visual C++ Compiler for Python 2.7] (http://aka.ms/vcpython27)
Usage:
git clone https://github.com/BeetleChunks/redsails && cd redsails pip install pydivert pbkdf2 easy_install pycrypto Pycrypto may have a dependency on [Microsoft Visual C++ Compiler for Python 2.7] (http://aka.ms/vcpython27) python redSails.py <ip address> <445> cd client python redSailsClient.py <ip address> <445>
Source: https://github.com/BeetleChunks