From af1955152ec0a88d53245401fd5393b63c7d5eb7 Mon Sep 17 00:00:00 2001 From: sundowndev Date: Tue, 29 Nov 2022 15:40:50 +0400 Subject: [PATCH] docs: readme --- LICENSE | 2 +- README.md | 66 ++++++++++++++++++++++++++++++++++++------------------- 2 files changed, 44 insertions(+), 24 deletions(-) diff --git a/LICENSE b/LICENSE index 500d62a..8ce8991 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 Raphaël Cerveaux +Copyright (c) 2022 Raphaël Cerveaux Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index bbf776c..ff662c0 100644 --- a/README.md +++ b/README.md @@ -1,53 +1,73 @@ -# covermyass +## *covermyass* ## [![Build status](https://github.com/sundowndev/covermyass/workflows/Go%20build/badge.svg)](https://github.com/sundowndev/covermyass/actions) [![Tag](https://img.shields.io/github/tag/SundownDEV/covermyass.svg)](https://github.com/sundowndev/covermyass/releases) -## About +### About ### -Covermyass is a post-exploitation tool to cover your tracks on various operating systems (Linux, Darwin, Windows, ...). It was designed for penetration testing "covering tracks" phase, before exiting the infected server. At any time, you can run the tool to find which log files exists on the system, then run again later to erase those files. The tool will tell you which file can be erased with the current user permissions. Files are overwritten repeatedly with random data, in order to make it harder for even very expensive hardware probing to recover the data. +**Covermyass** is a post-exploitation tool to cover your tracks on various operating systems (Linux, Darwin, Windows, ...). It was designed for penetration testing "covering tracks" phase, before exiting the infected server. At any time, you can run the tool to find which log files exists on the system, then run again later to erase those files. The tool will tell you which file can be erased with the current user permissions. Files are overwritten repeatedly with random data, in order to make it harder for even very expensive hardware probing to recover the data. -## Installation +### Current status ### -With sudo +This tool is still in beta. Upcoming versions might bring breaking changes. For now, we're focusing Linux and Darwin support, Windows may come later. + +### Installation ### + +Download the latest release : ```bash -sudo curl -sSL https://github.com/sundowndev/covermyass/releases/latest/download/covermyass_Linux_x86_64 -o /usr/bin/covermyass -sudo chmod +x /usr/bin/covermyass +curl -sSL https://github.com/sundowndev/covermyass/releases/latest/download/covermyass_linux_amd64 -o ./covermyass +chmod +x ./covermyass ``` -Without sudo : +### Usage ### + +``` +$ covermyass -h + +Usage: + covermyass [flags] + +Examples: + +Overwrite log files as well as those found by path /db/*.log +covermyass --write -p /db/*.log + +Overwrite log files 5 times with a final overwrite with zeros to hide shredding +covermyass --write -z -n 5 + + +Flags: + -f, --filter strings File paths to ignore (supports glob patterns) + -h, --help help for covermyass + -n, --iterations int Overwrite N times instead of the default (default 3) + -l, --list Show files in a simple list format. This will prevent any write operation + --no-read-only Exclude read-only files in the list. Must be used with --list + -v, --version version for covermyass + --write Erase found log files. This WILL shred the files! + -z, --zero Add a final overwrite with zeros to hide shredding -```bash -curl -sSL https://github.com/sundowndev/covermyass/releases/latest/download/covermyass_Linux_x86_64 -o ~/.local/bin/covermyass -chmod +x ~/.local/bin/covermyass ``` -Keep in mind that without sudo privileges, you *might* be unable to clear system-level log files. - -## Usage - -Run an analysis to find log files : +First, run an analysis. This will not erase anything. ``` covermyass ``` -Clear log files instantly : +When you acknowledged the results, erase those files. ``` covermyass --write ``` -Add custom file paths : - -``` -covermyass -p '/db/**/*.log' -``` - Filter out some paths : ``` covermyass -f '/foo/bar/*.log' covermyass -f '/foo/bar.log' ``` + +### License ### + +**covermyass** is licensed under the MIT license. Refer to [LICENSE](LICENSE) for more information. \ No newline at end of file