Skip to content
/ Chainsaw Public

Process callbacks from red team implants, parse and send to ELK

4 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

degenerat3/Chainsaw

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
app
app
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
app.py
app.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Chainsaw

Process callbacks from client tools, parse and send to ELK

Server

The server is a dockerized flask server with endpoints to receive JSON from various redteam tools. For now, it will be ScavengerPro and Campfire. The flask app will take that JSON, parse it into a log file (which will be easier for logstash to process), then use filebeat to ship that log file to our redteam ELK stack.

Environment Variables

You can set the following environment variables to change the way that Chainsaw will act

  • FLASK_HOST The IP that Flask will listen on. Defaults to 0.0.0.0
  • FLASK_PORT The port that Flask will listen on. Defaults to 5000
  • FLASK_DEBUG Whether or not Flask should run in Debug mode. Defaults to True
  • SYSLOG_HOST The syslog host to send the logs to
  • SYSLOG_PORT The syslog port to send the logs to
  • LOGFILE If not using syslog, write the logs to this file

About

Process callbacks from red team implants, parse and send to ELK

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages