Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the filesystem timestamps post-exploitation leaving zero traces of a ghost in the shell.

Features

  • Documentation available
  • Get started quickly with a curl fetch to your target machine
  • Performs all session commands including logging, trace clearing, and filesystem operations in under 5 milliseconds
  • To save the state of system logs, moonwalk finds a world-writable path and saves the session under a dot directory which is removed upon ending the session
  • Instead of clearing the whole history file, moonwalk reverts it back to how it was including the invokation of moonwalk
  • Hide from the Blue Team by reverting the access/modify timestamps of files back to how it was using the GET command

Project Samples

moonwalk Screenshot 1

Project Activity

See All Activity >

Categories

File Systems

License

MIT License

Follow moonwalk

moonwalk Web Site

You Might Also Like
Gen AI apps are built with MongoDB Atlas Icon
Gen AI apps are built with MongoDB Atlas

The database for AI-powered applications.

MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of moonwalk!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Rust

Related Categories

Rust File Systems

Registered

2024-07-08
Report inappropriate content