Linux Implant Suite
Linux persistence, container escape, and pivot tooling for red team operations.
What It Does
Creates systemd service backdoors for persistent access, establishes SSH pivot tunnels for lateral movement through compromised hosts, and executes container breakout techniques including privileged container abuse, Docker socket exploitation, and capability-based escapes. Zero-compilation — pure Python and shell scripting.
Scripts
| Script | Description |
|---|---|
| systemd_backdoor | Systemd service backdoor: registers a persistence service, reverse or bind shells |
| ssh_pivot | SSH pivot tunnel: dynamic SOCKS proxy, reverse forwarding, key planting |
| container_breakout | Container breakout: privileged mode, Docker socket, cap_sys_admin, cgroup escape |
When to Use
Use on compromised Linux hosts after gaining shell access. Run container_breakout if inside a container, then systemd_backdoor for persistence, and ssh_pivot to tunnel further into the internal network.
Usage
RedTeamScript(skill="linux-implant-suite", script="container_breakout", args="--session-id 42 --check-privileged --check-socket")
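For the blue team reading the engagement report, the container_breakout preconditions named above (privileged mode, Docker socket, cap_sys_admin) can be audited from the host. The following is an added example, not part of this suite: it assumes the input is the JSON printed by `docker inspect` for the running containers, and the function names and sample data are constructed for illustration.

```python
import json
import re

# Host-side paths of the Docker API socket.
SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}

def audit_container(c):
    """Return breakout-precondition findings for one `docker inspect` object."""
    host = c.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged")
    # CapAdd may be null; entries may or may not carry the CAP_ prefix.
    caps = {re.sub(r"^CAP_", "", cap.upper()) for cap in (host.get("CapAdd") or [])}
    if caps & {"SYS_ADMIN", "ALL"}:
        findings.append("cap_sys_admin")
    # Match the host-side Source: the socket can be renamed inside the container,
    # and a read-only bind mount does not stop a process connecting to it.
    if any(m.get("Source") in SOCKET_PATHS for m in (c.get("Mounts") or [])):
        findings.append("docker_socket")
    return findings

def audit(inspect_json):
    """Map container name -> findings, omitting containers with none."""
    report = {}
    for c in json.loads(inspect_json):
        findings = audit_container(c)
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report

# Constructed sample, trimmed to the fields the audit reads.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/build-agent",
     "HostConfig": {"Privileged": False, "CapAdd": ["CAP_SYS_ADMIN"]},
     "Mounts": [{"Source": "/var/run/docker.sock",
                 "Destination": "/tmp/d.sock", "RW": False}]},
    {"Name": "/legacy-db",
     "HostConfig": {"Privileged": True, "CapAdd": None}, "Mounts": []},
    {"Name": "/web",
     "HostConfig": {"Privileged": False, "CapAdd": None, "CapDrop": ["ALL"]},
     "Mounts": [{"Source": "/srv/www", "Destination": "/usr/share/nginx/html",
                 "RW": False}]},
])

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

Containers that appear in the report are the ones to rebuild without `--privileged`, without the added capability, and without the socket mount.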