Redsails Save

RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk:

Project README



A post-exploitation tool capable of:

  • maintaining persistence on a compromised machine
  • subverting many common host event logs (both network and account logon)
  • generating false logs / network traffic

Based on [PyDivert] (, a Python binding for WinDivert, a Windows driver that allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack.

Built for Windows operating systems newer than Vista and Windows 2008 (including Windows 7, Windows 8 and Windows 10).


Redsails has dependencies PyDivert and WinDivert. You can resolve those dependencies by running:

pip install pydivert

pip install pbkdf2

Pycrypto is also needed.

easy_install pycrypto

Pycrypto may have a dependency on [Microsoft Visual C++ Compiler for Python 2.7] (


  • Server (victim host you are attacking)

    Or if the victim does not have python installed, you can run provided exe (or compile your own! instructions below)


  • Client (attacker) <ip> <port>

Creating an executable

To compile an exe (for deployment) inlieu of the python script, you will need pyinstaller:

pip install pyinstaller

Then you can create the exe: -F --clean redSails.spec


Copyright (C) 2017 Robert J. McDown, Joshua Theimer

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see

Open Source Agenda is not affiliated with "Redsails" Project. README Source: BeetleChunks/redsails
Open Issues
Last Commit
5 years ago

Open Source Agenda Badge

Open Source Agenda Rating