⌁ Ghostline Field Manual

Operator handbook

How Ghostline works

Ghostline is a contained game/range experience. The language is immersive, but all target routes, mail interactions, loot, files and callbacks are in-game only.

Contract types

  • Recon: map hosts, services, target people and clues.
  • CVE research: inspect NVD/MITRE/Exploit-DB references, stage a safe PoC stub, and prove posture.
  • GhostMail route: identify a trusted sender, template, reply-to and optional link.
  • Callback/credential: generate a contract-bound link, host it, mail it, and read the returned proof file.
  • Web/API: use whatweb, gobuster, ffuf, curl and evidence commands.
  • Team campaign: split route tasks with a crew and share payout/rep.

Contract rhythm

  1. Complete or opt out of Sandbox.
  2. Accept a contract to unlock Console, Target Site, Hint, Research and PoC controls.
  3. Research the reference if provided.
  4. Use console commands and GhostMail/Market when required.
  5. Package evidence and submit the report flag.

Useful commands

cat briefing.txt
ip addr show tun0
sudo nmap -Pn -sS -sV -sC -O -p- TARGET_IP
whatweb http://TARGET_HOST
gobuster dir -u http://TARGET_HOST -w /usr/share/wordlists/dirb/common.txt
searchsploit CVE-YYYY-NNNN
ghostline payload generate --type credential --scenario OP-CODE --port 8000
python3 -m http.server 8000 --directory ~/files/payloads
ghostline links
ghostline creds
hackops evidence add --scenario OP-CODE --notes "proof captured"
hackops-report --scenario OP-CODE --submit

Ranks

Rep      Rank
0        Script Kiddie
250      Packet Rat
750      Shell Scout
1,500    Exploit Analyst
2,800    Red Cell Operator
4,500    Ghost Strategist
7,000    Elite Operator
11,000   OffSec Legend
17,000   Ghostline Architect

Rep is awarded for completions, clean routes, achievements and team contributions. Expired/dropped contracts can reduce rep.

Heat logic

Heat rises when you play noisy: repeated wrong commands, target-mail bounces, obvious sender mistakes, excessive scans and missed deadlines. Heat drops when you close contracts cleanly, complete Sandbox, buy clean-route training, or use heat-reduction items.

  • 0-39: cool.
  • 40-69: watched; some higher-tier brokers hesitate.
  • 70-99: hot; payouts may be less forgiving.
  • 100+: caught/locked. Pay a fictional fine/bribe or use a Get Out of Jail Free Card from inventory/market to continue.

The heat system is purely in-game. It teaches OPSEC discipline and route quality.

GhostMail rules

Email to another player uses a normal subject/body only. Templates, sender spoofing and lure links appear only when the selected target contract actually supports them. Target mail requires a valid target address, trusted sender route, correct template, optional hosted link, and a reply-to address where the game can deliver the result.

Interactive Sandbox Range

The Sandbox is a guided mini-contract. Complete each task in order: read the broker drop, accept SBX-001, inspect the synthetic target site, run the nmap practice command, research the public CVE trail, stage the safe file/link, send GhostMail with the trusted sender route and your Reply-To, read the callback file, then submit hackops-report --sandbox --submit.

Paid contracts use the same rhythm but with different objectives, routes, hints, target profiles and proof requirements.