CobaltSplunk
Log Analyzer
A Splunk application designed to ingest and analyze Cobalt Strike logs, providing operational dashboards and reports.
Splunk Dashboard for CobaltStrike logs
85 stars
10 watching
18 forks
Language: Python
last commit: almost 4 years ago

Related projects:
Repository | Description | Stars |
---|---|---|
splunk/melting-cobalt | Tool to hunt and mine Cobalt Strike beacons from internet-connected services | 164 |
fox-it/dissect.cobaltstrike | Library for dissecting and parsing data related to Cobalt Strike exploits | 148 |
hausec/cobaltstriketoghostwriter | Converts CobaltStrike log files to Ghostwriter CSV format | 29 |
romanemelyanov/cobaltstrikeforensic | Toolset to analyze and research malware and Cobalt Strike beacon behavior | 206 |
wikiz/service_cobaltstrike | A CobaltStrike profile repository containing metadata and information about the CobaltStrike malware | 39 |
jamvayne/cobaltstrikedos | A Python script to exploit a Cobalt Strike vulnerability and perform a denial of service attack. | 103 |
1135/1135-cobaltstrike-toolkit | Provides tools and configurations for a Cobalt Strike toolkit to support advanced persistent threat (APT) operations | 149 |
nvisosecurity/cobaltwhispers | An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. | 229 |
wkl-sec/malleable-cs-profiles | A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike | 384 |
eremit4/cs-discovery | Detects malicious servers in network traffic by analyzing encoded byte patterns | 20 |
cobaltfusion/debugviewpp | Tool for viewing and filtering application logs to help understand system behavior | 1,043 |
dcsync/pycobalt | Provides a Python API to interact with Cobalt Strike, enabling the creation and execution of scripts within the platform. | 293 |
deepingh0st/erebus | A Cobalt Strike plugin for post-exploitation and privilege escalation tests | 1,494 |
al1ex/csplugins | A collection of Cobalt Strike PowerShell plugins designed to simplify exploitation and penetration testing | 404 |
wafinfo/cobaltstrike | A plugin for Cobalt Strike that automates various tasks such as domain lookup, information gathering, and internal network scanning. | 180 |