CobaltStrike_CNA
Persistence script
A PowerShell script for maintaining persistence on Windows systems by utilizing various WinAPIs and Cobalt Strike features.
使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。
530 stars
10 watching
85 forks
Language: PowerShell
last commit: almost 3 years ago adduserscobaltstrike-pluginspersistentservicestask-schedulerwmi
Related projects:
| Repository | Description | Stars |
|---|---|---|
 cyri1s/cobalt-strike-persistence | A script that enables persistence after an initial Cobalt Strike payload is delivered to a system | 70 |
 0xthirteen/staykit | A persistence kit for Cobalt Strike using a custom .NET assembly and leveraging various Windows techniques to maintain access after initial access is lost. | 466 |
 lintstar/cs-serverchan | Automates CobaltStrike notification to WeChat via ServerChan | 92 |
 codextf2/cobaltstrike-headless | A tool that converts a headless Cobalt Strike client into a functional one. | 147 |
 p292/phant0m_cobaltstrike | A PowerShell script that integrates Phant0m with Cobalt Strike to automate tasks | 27 |
 deepingh0st/erebus | A Cobalt Strike plugin for post-exploitation and privilege escalation tests | 1,487 |
 bytecod3r/cobaltstrike-aggressor-scripts-collection | A collection of tested Cobaltstrike aggressor scripts in PowerShell. | 109 |
 wafinfo/cobaltstrike | A plugin for Cobalt Strike that automates various tasks such as domain lookup, information gathering, and internal network scanning. | 180 |
 killswitch-gui/cobaltstrike-toolkit | A collection of tools and scripts to automate vulnerability assessments and exploitation on CobaltStrike beacons | 846 |
 alphabugx/csonvps | Automated deployment script for CobaltStrike 4.4 on VPS | 288 |
 fox-it/dissect.cobaltstrike | Library for dissecting and parsing data related to Cobalt Strike exploits | 147 |
 1135/1135-cobaltstrike-toolkit | Provides tools and configurations for a Cobalt Strike toolkit to support advanced persistent threat (APT) operations | 150 |
 qax-a-team/cobaltstrike-toolset | A collection of tools and scripts used to simulate cyber attacks | 532 |
 nvisosecurity/cobaltwhispers | An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. | 227 |
 jamvayne/cobaltstrikedos | A Python script to exploit a Cobalt Strike vulnerability and perform a denial of service attack. | 103 |