BeaconHunter
Beacon Detector
A tool for detecting and responding to potential Cobalt Strike beacons using Event Tracing for Windows (ETW).
481 stars
11 watching
48 forks
Language: C#
last commit: over 2 years ago

Related projects:

Repository | Description | Stars |
---|---|---|
ccob/beaconeye | A tool designed to detect and monitor malicious beacon activity from CobaltStrike, providing insights into operator command output. | 885 |
apr4h/cobaltstrikescan | A tool for detecting and parsing CobaltStrike beacon configuration from files or process memory. | 900 |
te-k/cobaltstrike | Detects and analyzes Cobalt Strike beacons by analyzing HTTP responses and extracting configuration information. | 262 |
crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
splunk/melting-cobalt | Tool to hunt and mine Cobalt Strike beacons from internet-connected services | 164 |
akkuman/evileye | A tool used to detect and analyze malicious beacon activity in memory using the Go programming language | 149 |
eremit4/cs-discovery | Detects malicious servers in network traffic by analyzing encoded byte patterns | 20 |
strozfriedberg/cobaltstrike-config-extractor | A toolset to extract and analyze configurations from malware samples known as Cobalt Strike Beacons. | 145 |
cobalt-strike/beacon_health_check | An aggressor script that tracks the health status of beacons based on their note field | 138 |
b1tg/cobaltstrike-beacon-rust | A Cobalt Strike beacon implementation in Rust for creating malicious network connections | 177 |
wbglil/beacon_re | A project that explores the use of beacon strikes in cobalt strike beacons to evade detection | 86 |
sk3w/beacon-object-files | Provides example implementations of object file extensions for the Cobalt Strike Beacon framework | 10 |
sentinel-one/cobaltstrikeparser | Deciphers CobaltStrike Beacon configurations from various formats. | 1,022 |
pwn1sher/cs-bofs | A collection of compiled beacon object files from the CobaltStrike platform. | 99 |
nccgroup/pybeacon | A collection of Python scripts for analyzing and interacting with Cobalt Strike beacons. | 167 |