{"id":23960547,"url":"https://github.com/r3drun3/vermilion","last_synced_at":"2025-10-24T23:48:03.527Z","repository":{"id":270827568,"uuid":"911246612","full_name":"R3DRUN3/vermilion","owner":"R3DRUN3","description":"Linux post exploitation tool for info gathering and exfiltration 🐧📡💀","archived":false,"fork":false,"pushed_at":"2025-02-14T13:30:15.000Z","size":6629,"stargazers_count":62,"open_issues_count":0,"forks_count":11,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-27T00:54:56.603Z","etag":null,"topics":["exfiltration","golang","info-gathering","info-stealing","linux","redteam","redteam-tools"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/R3DRUN3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-02T15:17:35.000Z","updated_at":"2025-03-24T08:19:20.000Z","dependencies_parsed_at":"2025-01-03T11:42:37.074Z","dependency_job_id":"213eff91-3cb9-432d-bdba-89346f45d704","html_url":"https://github.com/R3DRUN3/vermilion","commit_stats":null,"previous_names":["r3drun3/vermilion"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fvermilion","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fvermilion/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fvermilion/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fvermilion/manifests","owner_url":"https:/
/repos.ecosyste.ms/api/v1/hosts/GitHub/owners/R3DRUN3","download_url":"https://codeload.github.com/R3DRUN3/vermilion/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248689375,"owners_count":21145923,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exfiltration","golang","info-gathering","info-stealing","linux","redteam","redteam-tools"],"created_at":"2025-01-06T19:29:46.271Z","updated_at":"2025-10-24T23:48:03.474Z","avatar_url":"https://github.com/R3DRUN3.png","language":"Go","readme":"# vermilion  \n\n[![CI](https://img.shields.io/github/actions/workflow/status/R3DRUN3/vermilion/ci.yml?label=CI)](https://github.com/R3DRUN3/vermilion/actions/workflows/ci.yml)  [![License: Unlicense](https://img.shields.io/badge/license-Unlicense-blue.svg)](http://unlicense.org/)  ![Red Team Badge](https://img.shields.io/badge/Team-Red-red) [![Go Report Card](https://goreportcard.com/badge/github.com/r3drun3/vermilion)](https://goreportcard.com/report/github.com/r3drun3/vermilion)  \n\n\u003cimg src=\"./docs/media/vermilion_logo.png\" width=\"250x\" /\u003e  \n\n\nLinux post exploitation tool for info gathering and exfiltration 🐧 📡 💀\n\n\n\n## Abstract  \n`Vermilion` is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration of sensitive information from Linux systems.  \nIts primary purpose is to streamline the process of gathering critical data in red teaming scenarios.  \n\n\n\u003e [!CAUTION]  \n\u003e Vermilion has been designed as a resource for red teamers and security researchers.  
\n\u003e The author assumes no responsibility for the weaponization of this tool or the improper handling of sensitive data collected through its use.  \n\n\n## How It Works \n**Vermilion**  is a Linux-focused tool designed for efficient information gathering and sensitive data exfiltration. It collects: \n- **System Information** : OS details, hostname, network configurations, public and local IPs, active connections, system uptime, and more.\n \n- **Environment Variables** : Captures all available environment variables.\n \n- **User and System Files** : Gathers sensitive directories and files, including: \n  - User-specific files: `.ssh`, `.bash_history`, `.zsh_history`, `.aws`, `.docker`, `.kube`, `.azure`, `.gnupg`, `.git-credentials`, and more.\n \n  - System-level files: `/etc/passwd`, `/etc/shadow`, `/etc/group`, `/etc/hostname`, `/etc/hosts`, `/etc/ssl`, and cron configurations.\n\n  - Logs and temporary files: Authentication logs, system logs, and temporary files.\n \n- **User Enumeration** : Automatically enumerates all system users and collects sensitive files from accessible home directories.\n\nThe tool creates a compressed archive of the collected data for easy local storage or exfiltration to a specified endpoint.  \nAdditionally, it provides the option to exfiltrate the collected data via an HTTP `POST` request to a specified endpoint.   \n\nThe implementation of the endpoint for exfiltration is outside the scope of this tool; for an example, refer to [*this*](https://github.com/R3DRUN3/sploitcraft/tree/main/red-team-infra#deploy-a-lambda-function-for-data-exfiltration) resource.  \n\nVermilion supports `amd64`, `arm` and `arm64` architectures.\n\n\n## Example Use Case   \nImagine being engaged in a red teaming campaign and successfully compromising a user on a Linux machine.    \nLinux environments are often a treasure trove of sensitive data and information due to their use as servers and their integration with other systems and software.  
\nTherefore, it is crucial to have an automated tool that enables rapid collection and exfiltration of sensitive information, such as environment variables and strategic directories, within seconds.  \n\nThis is where *Vermilion* proves helpful!   \n\nSince many modern production environments are based on Linux, Vermilion proves to be a highly versatile tool.   \nRead [*this article*](https://www.neteye-blog.com/2025/01/inside-the-red-team-toolbox-linux-info-gathering/) to discover how Vermilion helped us identify a suboptimal configuration in GitHub Actions cloud runners.\n\n### Video Demo\n\n\n\nhttps://github.com/user-attachments/assets/ee49acea-4cc7-49af-83d7-89233934fd99\n\n\n\n\n\n\n## Getting Started  \n\nIn order to get started with vermilion, follow the [*docs*](./docs/README.md).  \n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3drun3%2Fvermilion","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fr3drun3%2Fvermilion","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3drun3%2Fvermilion/lists"}