moonwalk

Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the filesystem timestamps post-exploitation leaving zero traces of a ghost in the shell.

Features

Documentation available
Get started quickly with a curl fetch to your target machine
Performs all session commands including logging, trace clearing, and filesystem operations in under 5 milliseconds
To save the state of system logs, moonwalk finds a world-writable path and saves the session under a dot directory which is removed upon ending the session
Instead of clearing the whole history file, moonwalk reverts it back to how it was including the invokation of moonwalk
Hide from the Blue Team by reverting the access/modify timestamps of files back to how it was using the GET command

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow moonwalk

moonwalk Web Site

Other Useful Business Software

Auth0 for AI Agents now in GA

Ready to implement AI with confidence (without sacrificing security)?

Connect your AI agents to apps and data more securely, give users control over the actions AI agents can perform and the data they can access, and enable human confirmation for critical agent actions.

Start building today

Rate This Project

User Reviews

Be the first to post a review of moonwalk!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Rust

Related Categories

Rust File Systems

Registered

2024-07-08

Similar Business Software

Grafana

Grafana Labs provides an open and composable observability stack built around Grafana, the leading open source technology for dashboards and visualization. Recognized as a 2025 Gartner® Magic Quadrant™ Leader for Observability Platforms and positioned furthest to the right for Completeness of...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
AdRem NetCrunch

NetCrunch is a powerful, scalable, all-in-one network monitoring system built for modern IT environments. It supports agentless monitoring of thousands of devices, covering SNMP, servers, virtualization (VMware, Hyper-V), cloud (AWS, Azure, GCP), traffic flows (NetFlow, sFlow), logs, and custom...

See Software
JDisc Discovery

JDisc Discovery is a comprehensive network inventory and IT asset management solution designed to help organizations gain clear, up-to-date visibility into their IT environment. It automatically scans and maps devices across the network, including servers, workstations, virtual machines, and...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software

Report inappropriate content