cobaltstrike

Beacon analyzer

Detects and analyzes Cobalt Strike beacons by analyzing HTTP responses and extracting configuration information.

Code and YARA rules to detect and analyze Cobalt Strike

GitHub

265 stars
16 watching
58 forks
Language: Python
Last commit: over 3 years ago

Related projects:

Repository Description Stars
eremit4/cs-discovery Detects malicious servers in network traffic by analyzing encoded byte patterns 20
sentinel-one/cobaltstrikeparser Deciphers CobaltStrike Beacon configurations from various formats. 1,027
strozfriedberg/cobaltstrike-config-extractor A toolset to extract and analyze configurations from malware samples known as Cobalt Strike Beacons. 148
fox-it/dissect.cobaltstrike Library for dissecting and parsing data related to Cobalt Strike exploits 148
fox-it/cobaltstrike-beacon-data Historical metadata of Cobalt Strike Beacon attacks 125
splunk/melting-cobalt Tool to hunt and mine Cobalt Strike beacons from internet-connected services 164
z3ratu1/geacon_plus A Go implementation of a CobaltStrike beacon with support for multiple platforms and various communication protocols 397
b1tg/cobaltstrike-beacon-rust A Cobalt Strike beacon implementation in Rust for creating malicious network connections 180
romanemelyanov/cobaltstrikeforensic Toolset to analyze and research malware and Cobalt Strike beacon behavior 206
3lp4tr0n/beaconhunter A tool for detecting and responding to potential Cobalt Strike beacons using Extended Trace Record (ETW) tracing 482
apr4h/cobaltstrikescan A tool for detecting and parsing CobaltStrike beacon configuration from files or process memory. 902
loecho-sec/cobaltstrike_script_wechat_push Automated notifications via WeChat Serveré…± for CobaltStrike beacons 44
huoji120/cobaltstrikedetected Detects potential Cobalt Strike malware by analyzing memory allocation patterns during code execution 272
nccgroup/pybeacon A collection of Python scripts for analyzing and interacting with Cobalt Strike beacons. 168
akkuman/evileye A tool used to detect and analyze malicious beacon activity in memory using Go programming language 148