This repo is apart of the warmind project for a clone of the code see here or you can get the code from here. For a version you can download with curl/wget see here.

Post exploitation tools are far and in between, they are used after you have successfully exploited a system and need to either;

• Do some things, pull hashes, ip addresses, etc.
• Map the network
• Anything that has to do with being on the network itself that you don't want to be caught doing

What soa.py does is create a sort of container that will host a root terminal shell while the log files are being monitored (default logs: /var/log). After you have completed your session, the log files are scrubbed back to the second soa.py was launched.

Soapy has a few available commands for you to pass:

usage: sudo soa.py [-n|-l|-d] PATH|DIR1 DIR2 ...

optional arguments:
  -h, --help            show this help message and exit
  -l PATH, --log PATH   pass the path to log files (*default=/var/log)
  -d DIR1 DIR2 ... [DIR1 DIR2 ... ...], --dirs DIR1 DIR2 ... [DIR1 DIR2 ... ...]
                        provide directories that you want files deleted out of
                        afterwards (*default=None)
  -n, --no-prompt       delete the files in the provided directory without
                        prompting for deletion (*default=raw_input)