{"id":13936432,"url":"https://github.com/BeetleChunks/redsails","last_synced_at":"2025-07-19T22:30:26.915Z","repository":{"id":87863485,"uuid":"104587626","full_name":"BeetleChunks/redsails","owner":"BeetleChunks","description":"RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: https://www.youtube.com/watch?v=Ul8uPvlOsug","archived":false,"fork":false,"pushed_at":"2017-10-18T00:49:51.000Z","size":111,"stargazers_count":305,"open_issues_count":4,"forks_count":72,"subscribers_count":18,"default_branch":"master","last_synced_at":"2024-08-08T23:23:38.871Z","etag":null,"topics":["event-logging","firewall","kernel-driver","pydivert","python","windivert","windows"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BeetleChunks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-23T17:54:16.000Z","updated_at":"2024-07-27T20:22:50.000Z","dependencies_parsed_at":"2023-03-13T06:00:35.131Z","dependency_job_id":null,"html_url":"https://github.com/BeetleChunks/redsails","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BeetleChunks%2Fredsails","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BeetleChunks%2Fredsails/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BeetleChunks%2Fredsails/releases","manifests_url":"https://
repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BeetleChunks%2Fredsails/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BeetleChunks","download_url":"https://codeload.github.com/BeetleChunks/redsails/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226686718,"owners_count":17666928,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["event-logging","firewall","kernel-driver","pydivert","python","windivert","windows"],"created_at":"2024-08-07T23:02:40.038Z","updated_at":"2024-11-27T04:31:01.917Z","avatar_url":"https://github.com/BeetleChunks.png","language":"Python","readme":"# Redsails\n\n## About\nA post-exploitation tool capable of:\n-\tmaintaining persistence on a compromised machine\n-\tsubverting many common host event logs (both network and account logon)\n-\tgenerating false logs / network traffic\n\nBased on [PyDivert](https://github.com/ffalcinelli/pydivert), a Python binding for [WinDivert](https://www.reqrypt.org/windivert.html), a Windows driver that allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack.\n\nBuilt for Windows operating systems newer than Vista and Windows 2008 (including Windows 7, Windows 8 and Windows 10).\n\n## Dependencies\n  Redsails depends on PyDivert and WinDivert. 
You can resolve those dependencies by running:\n  #### `pip install pydivert`\n  #### `pip install pbkdf2`\n \n Pycrypto is also needed.\n  #### `easy_install pycrypto`\n  Pycrypto may have a dependency on [Microsoft Visual C++ Compiler for Python 2.7](http://aka.ms/vcpython27)\n  \n## Usage\n- Server (victim host you are attacking)\n  #### `redSails.py`\n  \n  Or, if the victim does not have Python installed, you can run the provided exe (or compile your own; instructions below)\n  #### `redSails.exe`\n\n- Client (attacker)\n  #### `redSailsClient.py \u003cip\u003e \u003cport\u003e`\n\n## Creating an executable\n  To compile an exe (for deployment) in lieu of the Python script, you will need pyinstaller:\n  #### `pip install pyinstaller`\n  \n  Then you can create the exe:\n  #### `pyinstaller-script.py -F --clean redSails.spec`\n  \n## License\n\nCopyright (C) 2017 Robert J. McDown, Joshua Theimer\n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program.  If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\n","funding_links":[],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBeetleChunks%2Fredsails","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBeetleChunks%2Fredsails","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBeetleChunks%2Fredsails/lists"}