CobaltSplunk
Log analyzer
A tool to collect, monitor and analyze Cobalt Strike logs in a Splunk environment
Splunk Dashboard for CobaltStrike logs
85 stars
10 watching
18 forks
Language: Python
last commit: over 4 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 splunk/melting-cobalt | Tool to hunt and mine Cobalt Strike beacons from internet-connected services | 164 |
 fox-it/dissect.cobaltstrike | Library for dissecting and parsing data related to Cobalt Strike exploits | 148 |
 hausec/cobaltstriketoghostwriter | Converts CobaltStrike log files to Ghostwriter CSV format | 29 |
 romanemelyanov/cobaltstrikeforensic | Toolset to analyze and research malware and Cobalt Strike beacon behavior | 206 |
 wikiz/service_cobaltstrike | A CobaltStrike profile repository containing metadata and information about the CobaltStrike malware | 39 |
 jamvayne/cobaltstrikedos | A Python script to exploit a Cobalt Strike vulnerability and perform a denial of service attack. | 103 |
 1135/1135-cobaltstrike-toolkit | Provides tools and configurations for a Cobalt Strike toolkit to support advanced persistent threat (APT) operations | 149 |
 nvisosecurity/cobaltwhispers | An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. | 229 |
 wkl-sec/malleable-cs-profiles | A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike | 384 |
 eremit4/cs-discovery | Detects malicious servers in network traffic by analyzing encoded byte patterns | 20 |
 cobaltfusion/debugviewpp | Tool for viewing and filtering application logs to help understand system behavior | 1,043 |
 dcsync/pycobalt | Provides a Python API to interact with Cobalt Strike, enabling the creation and execution of scripts within the platform. | 293 |
 deepingh0st/erebus | A Cobalt Strike plugin for post-exploitation and privilege escalation tests | 1,494 |
 al1ex/csplugins | A collection of Cobaltstrike PowerShell plugins designed to simplify exploitation and penetration testing | 404 |
 wafinfo/cobaltstrike | A plugin for Cobalt Strike that automates various tasks such as domain lookup, information gathering, and internal network scanning. | 179 |