{"id":13343207,"url":"https://github.com/offsh/offsh","last_synced_at":"2025-03-12T04:32:55.749Z","repository":{"id":53169061,"uuid":"316925040","full_name":"offsh/offsh","owner":"offsh","description":"Xonsh-powered pentesting framework.","archived":false,"fork":false,"pushed_at":"2021-07-11T16:47:48.000Z","size":603,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-07-30T21:06:33.331Z","etag":null,"topics":["pentesting","security","wazuh","xonsh","xxh"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/offsh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-11-29T10:21:34.000Z","updated_at":"2024-02-03T08:39:25.000Z","dependencies_parsed_at":"2022-09-14T09:51:03.630Z","dependency_job_id":null,"html_url":"https://github.com/offsh/offsh","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsh%2Foffsh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsh%2Foffsh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsh%2Foffsh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsh%2Foffsh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/offsh","download_url":"https://codeload.github.com/offsh/offsh/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":221270035,"owners_count":16788788,"icon_
url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pentesting","security","wazuh","xonsh","xxh"],"created_at":"2024-07-29T19:30:42.605Z","updated_at":"2024-10-24T03:30:31.043Z","avatar_url":"https://github.com/offsh.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- PROJECT LOGO --\u003e\n\u003cbr /\u003e\n\u003cp align=\"center\"\u003e\n  \n  ![](images/LOGO_LARGE.png)\n\n  \u003ch3 align=\"center\"\u003eOffShell\u003c/h3\u003e\n\n  \u003cp align=\"center\"\u003e\n    A Xonsh-powered framework to build shells designed with pentesting in mind.\n    \u003cbr /\u003e\n  \u003c!--\n    \u003ca href=\"https://github.com/offsh/offshell\"\u003e\u003cstrong\u003eExplore the docs »\u003c/strong\u003e\u003c/a\u003e\n    \u003cbr /\u003e\n    \u003cbr /\u003e\n    \u003ca href=\"https://github.com/offsh/offshell\"\u003eView Demo\u003c/a\u003e\n    ·\n    \u003ca href=\"https://github.com/offsh/offshell/issues\"\u003eReport Bug\u003c/a\u003e\n--\u003e\n    ·\n    \u003ca href=\"https://github.com/offsh/offshell/issues\"\u003eRequest Feature\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n\n\n\u003c!-- TABLE OF CONTENTS --\u003e\n\u003cdetails open=\"open\"\u003e\n  \u003csummary\u003e\u003ch2 style=\"display: inline-block\"\u003eTable of Contents\u003c/h2\u003e\u003c/summary\u003e\n  \u003col\u003e\n    \u003cli\u003e\n      \u003ca href=\"#about-the-project\"\u003eAbout The Project\u003c/a\u003e\n      \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#built-with\"\u003eBuilt With\u003c/a\u003e\u003c/li\u003e\n      \u003c/ul\u003e\n    
\u003c/li\u003e\n    \u003cli\u003e\n      \u003ca href=\"#getting-started\"\u003eGetting Started\u003c/a\u003e\n      \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#prerequisites\"\u003ePrerequisites\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#roadmap\"\u003eRoadmap\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#Build\"\u003eBuild\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#contributing\"\u003eContributing\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#license\"\u003eLicense\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#contact\"\u003eContact\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#acknowledgements\"\u003eAcknowledgements\u003c/a\u003e\u003c/li\u003e\n  \u003c/ol\u003e\n\u003c/details\u003e\n\n\n\n\u003c!-- ABOUT THE PROJECT --\u003e\n## About The Project\n\nThis project includes tools to build portable images of a Python shell (powered by xonsh and with xxh support) intended for pentesting and bug bounties (among other ethical hacking purposes).\n\nIt includes an easy way to build custom appimages with a portable shell (that could be run in Linux, Unix, Windows and other OSes without any trouble) that supports Python syntax and may include additional tools.\n\nThis image is intended to be used along with the xxh project so you could extend its functionality through the network using ssh connections. 
For example: you could connect to an old Solaris machine using xxh and easily run your portable image with all your plugins, configurations and additionally installed tools.\n\n\n### Built With\n\n* [Xonsh](https://github.com/xonsh/xonsh) - Python-powered shell.\n* [xxh](https://github.com/xxh/xxh) - Bring your favorite shell wherever you go through the ssh.\n\n### Compatible with\n\n* [Wazuh](https://github.com/wazuh/wazuh) - The Open Source Security Platform: Wazuh is a tool that can be used to gather, decode and analyze logs. Offshell can be integrated with Wazuh by sending the logs generated by our history backend plugin to Wazuh to be analyzed and indexed into a search engine such as Elasticsearch (or OpenSearch, soon). Also, Wazuh can analyze the received logs and generate alerts based on some pre-defined rules for interesting security events such as detected vulnerabilities or privilege escalations.\n\n\n\u003c!-- GETTING STARTED --\u003e\n## Getting Started\n\n### Installation of official images.\n\n**Important: the appimage requires Git to work properly!**\n\nWe have some pre-built images available here at GitHub.\n\nIt is not required to install Xonsh; you only need to download the latest built appimage and make it executable to run the shell.\n\nDownload Xonsh:\n```\nsudo wget -q https://github.com/offsh/offsh/releases/download/0.0.2/xonsh -O /bin/xonsh\nsudo chmod a+x /bin/xonsh\n```\n\nThe appimage includes the xxh package but not the configuration file. 
You should also download the configuration file for xonsh:\n\n```\nwget -q https://raw.githubusercontent.com/offsh/offshell/main/xonshrc -O ~/.xonshrc\nmkdir -p ~/.config/xxh/\nwget -q https://raw.githubusercontent.com/offsh/xxh/master/config.xxhc -O ~/.config/xxh/config.xxhc\n```\n\n### Make it default\n\nOptionally, you could make this your default shell by running:\n\n```\n# echo \"/bin/xonsh\" \u003e\u003e /etc/shells\n$ chsh -s /bin/xonsh\n```\n\n\n## Log data collection\n\nAfter running the shell, the offshell syslog data collection plugin will be enabled. Run the following command for more information:\n\n```\nhistory info\n```\n\n### Integration with Wazuh\n\nTo integrate this with Wazuh, you need a Wazuh Manager server running on another machine. Then, you have to install the Wazuh agent on your server by following this guide: https://documentation.wazuh.com/4.0/installation-guide/wazuh-agent/\n\n\nCheck (among other things) your syslog filename, and mark it for analysis in the Wazuh configuration using a block like this one:\n\n```\n\u003clocalfile\u003e\n  \u003clocation\u003e/home/*/.local/share/xonsh/syslog/shell_profiler.log\u003c/location\u003e\n  \u003clog_format\u003esyslog\u003c/log_format\u003e\n\u003c/localfile\u003e\n```\n\nAfter adding that block to your ossec.conf file, if your agent is correctly connected to a Wazuh manager, it will start sending information about executed commands to your server, which will index it into an Elasticsearch index.\n\nFinally, add the rules and decoders from https://github.com/offsh/offshell/tree/main/ruleset to `/var/ossec/etc/rules` and `/var/ossec/etc/decoders/`\n\n## Build\n\nYou can modify this project and build your own appimages using the tools included in the build_appimage directory.\n\nFor example, to include more Python dependencies in the appimage you only need to modify the `pre-requirements.txt` file.\n\nYou could also modify the xonsh/xxh configuration 
file to add functionalities, plugins, aliases, etc.\n\n\n\u003c!-- ROADMAP --\u003e\n## Roadmap\n\nSee the [open issues](https://github.com/offsh/offshell/issues) for a list of proposed features (and known issues).\n\n\n\n\u003c!-- CONTRIBUTING --\u003e\n## Contributing\n\nContributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**.\n\n1. Fork the Project\n2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`)\n3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)\n4. Push to the Branch (`git push origin feature/AmazingFeature`)\n5. Open a Pull Request\n\n\n\n\u003c!-- LICENSE --\u003e\n## License\n\nDistributed under the GPL3 License. See `LICENSE` for more information.\n\n\n\n\u003c!-- CONTACT --\u003e\n## Contact\n\nFrancisco Navarro - [@SpotH0und](https://twitter.com/SpotH0und) - Navarromoralesdev@gmail.com\n\nProject Link: [https://github.com/offsh/offshell](https://github.com/offsh/offshell)\n\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foffsh%2Foffsh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foffsh%2Foffsh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foffsh%2Foffsh/lists"}