Awesome-CobaltStrike

Cobalt Strike toolkit

A collection of resources and tutorials for working with Cobalt Strike

List of Awesome CobaltStrike Resources

GitHub

4k stars
102 watching
737 forks
last commit: about 1 year ago
Linked from 1 awesome list

cobalt-strikeredteamsecurity

Awesome CobaltStrike / 0x01 Articles & Videos

Cobalt_Strike_wiki 2,278 about 1 year ago
Cobalt Strike Book
CobaltStrike4.0笔记 398 over 4 years ago
CobaltStrike相关网络文章集合
Cobalt Strike 外部 C2 之原理篇
Cobalt Strike 桌面控制问题的解决(以及屏幕截图等后渗透工具)
Cobalt Strike & MetaSploit 联动
Cobalt-Strike-CheatSheet 990 almost 3 years ago
Cobalt Strike MITRE TTPs 1,280 over 2 years ago
Red Team Operations with Cobalt Strike (2019) 19 almost 4 years ago
Cobalt Strike: Overview
CobaltStrike插件开发
Cobalt Strike 中文 Wiki 172 over 1 year ago
IntelliJ-IDEA修改cobaltstrike
CobaltStrike二次开发环境准备
Cobal Strike 自定义OneLiner
通过反射DLL注入来构建后渗透模块(第一课)
Cobalt Strike Aggressor Script (第一课)
Cobalt Strike Aggressor Script (第二课)
Implementing Syscalls In The Cobaltstrike Artifact Kit
Cobalt Strike 4.0 认证及修补过程
使用ReflectiveDLLInjection武装你的CobaltStrike
Bypass cobaltstrike beacon config scan
Tailoring Cobalt Strike on Target
COFFLOADER: BUILDING YOUR OWN IN MEMORY LOADER OR HOW TO RUN BOFS
Yet Another Cobalt Strike Stager: GUID Edition
Cobalt Strike4.3 破解日记
Cobalt Strike 进程创建与对应的 Syslog 日志分析
Behind the Mask: Spoofing Call Stacks Dynamically with Timers
Cobalt Strike Spear Phish
run CS in win -- teamserver.bat
Remote NTLM relaying through CS -- related to CVE_2018_8581
Cobalt Strike Convet VPN
渗透神器CS3.14搭建使用及流量分析
CobaltStrike生成免杀shellcode
CS-notes --一系列CS的使用技巧笔记
使用 Cobalt Strike 对 Linux 主机进行后渗透
Cobalt Strike Listener with Proxy
Cobalt Strike Convet VPN
CS 4.0 SMB Beacon
Cobalt Strike 浏览器跳板攻击
Cobalt Strike 中 Bypass UAC
一起探索Cobalt Strike的ExternalC2框架
深入探索Cobalt Strike的ExternalC2框架
Cobalt Strike的特殊功能(external_C2)探究
A tale of .NET assemblies, cobalt strike size constraints, and reflection
AppDomain.AssemblyResolve
从webshell建立代理上线不出网的内网机器
在Cobalt Strike BOF中进行直接系统调用
Using Direct Syscalls in Cobalt Strike's Artifact Kit
Cobalt Strike Staging and Extracting Configuration Information
Create a proxy DLL with artifact kit
Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
Lateral Movement with LiquidSnake
CoffLoader from OtterHacker
CobaltStrike证书修改躲避流量审查
CS 合法证书 + Powershell 上线
Cobalt Strike 团队服务器隐匿
红队基础建设:隐藏你的C2 server
Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite
深入研究cobalt strike malleable C2配置文件
A Brave New World: Malleable C2
How to Write Malleable C2 Profiles for Cobalt Strike
Randomized Malleable C2 Profiles Made Easy
关于CobaltStrike的Stager被扫问题
Beacon Stager listener 去特征
检测与隐藏Cobaltstrike服务器
记一次cs bypass卡巴斯基内存查杀
cs bypass卡巴斯基内存查杀 2
Cobalt Strike – Bypassing C2 Network Detections
Cobalt Strike特征隐藏
Cobalt Strike 反溯源之 CDN 篇
Unleashing The Unseen: Harnessing The Power Of Cobalt Strike Profiles For EDR Evasion
blog Volatility Plugin for Detecting Cobalt Strike Beacon. |
逆向分析Cobalt Strike安装后门
分析cobaltstrike c2 协议 67 almost 5 years ago
tool Small to decrypt a Cobalt Strike auth file
Cobalt Strike 的 ExternalC2
Detecting Cobalt Strike Default Modules via Named Pipe Analysis
浅析CobaltStrike Beacon Staging Server扫描
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Analyzing Cobalt Strike for Fun and Profit
Cobalt Strike Remote Threads detection
The art and science of detecting Cobalt Strike
A Multi-Method Approach to Identifying Rogue Cobalt Strike Servers
How to detect Cobalt Strike activities in memory forensics
Detecting Cobalt Strike by Fingerprinting Imageload Events
The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration
CobaltStrike - beacon.dll : Your No Ordinary MZ Header
GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic
Detecting Cobalt Strike beacons in NetFlow data
Volatility Plugin for Detecting Cobalt Strike Beacon
Easily Identify Malicious Servers on the Internet with JARM
Cobalt Strike Beacon Analysis
Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike
Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike
Hiding in the Cloud: Cobalt Strike Beacon C2 using Amazon APIs
Identifying Cobalt Strike team servers in the wild
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
Operation Cobalt Kitty
Detecting and Advancing In-Memory .NET Tradecraft
Analysing Fileless Malware: Cobalt Strike Beacon
IndigoDrop spreads via military-themed lures to deliver Cobalt Strike
Cobalt Group Returns To Kazakhstan
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go – Let’s Catch Cobalt Strike!
Cobalt Strike stagers used by FIN6
Malleable C2 Profiles and You
C2 Traffic patterns including Cobalt Strike
Cobalt Strike DNS Direct Egress Not That Far Away
Detecting Exposed Cobalt Strike DNS Redirectors
Example of Cleartext Cobalt Strike Traffic
Cobaltstrike-Beacons analyzed
通过DNS协议探测Cobalt Strike服务器
Detecting Cobalt Strike with memory signatures
CobaltStrike通信中host字段的获取
反击CobaltStrike(一) 以假乱真
某 C2 鸡肋漏洞分析:你的 CS 安全吗?
Cobalt Strike Beacon Analysis from a Live C2
Malleable Memory Indicators with Cobalt Strike's Beacon Payload
STAR Webcast: Spooky RYUKy: The Return of UNC1878
Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
Profiling And Detecting All Things SSL With JA3

Awesome CobaltStrike / 0x02 C2 Profiles

Malleable-C2-Profiles 1,494 over 3 years ago
Malleable-C2-Randomizer 433 over 2 years ago
malleable-c2 1,630 about 1 year ago
Malleable-C2-Profiles 342 over 1 year ago
random_c2_profile 631 almost 2 years ago
SourcePoint 1,050 9 months ago
C2concealer 1,024 6 months ago
MalleableC2-Profiles 34 about 4 years ago
MalleableC2-Profiles 774 about 2 years ago
pyMalleableC2 269 about 2 months ago
1135-CobaltStrike-ToolKit 149 about 1 year ago
service_cobaltstrike 39 about 3 years ago
CobaltNotion 53 over 2 years ago
Burp2Malleable 371 over 1 year ago
autoRebind 19 almost 2 years ago
goMalleable 60 7 months ago
Malleable-CS-Profiles 384 10 months ago

Awesome CobaltStrike / 0x03 BOF

BOF_Collection 592 about 2 years ago
cobaltstrike-bof-toolset
Situational Awareness BOF 1,287 3 months ago
Blog Its larger goal is providing a code example and workflow for others to begin making more BOF files
bof_helper 222 over 2 years ago
BOF-DLL-Inject 147 over 4 years ago
cobaltstrike_bofs 159 over 2 years ago
BOF-RegSave 188 about 4 years ago
CobaltStrike BOF 342 almost 2 years ago
BOFs 554 about 2 years ago
Remote Operations BOF 886 25 days ago
OperatorsKit 550 5 months ago
bof 607 over 2 years ago
Needle_Sift_BOF 30 about 3 years ago
Quser-BOF 83 over 1 year ago
BOF.NET 682 3 months ago
beacon-object-file
here The format, described by Mudge , asks that the operator construct an COFF file using a mingw-w64 compiler or the msvc compiler that holds an symbol name indicating its entrypoint, and underlying function calls
InlineWhispers 308 about 3 years ago
WdToggle 213 over 1 year ago
Situational Awareness BOF 1,287 3 months ago
MiniDumpWriteDump 170 almost 4 years ago
COFF Loader 482 about 2 months ago
Self_Deletion_BOF 171 about 3 years ago
PE Import Enumerator BOF 83 about 3 years ago
Visual-Studio-BOF-template 285 about 3 years ago
BOF-Builder 26 over 1 year ago
ELFLoader 253 over 2 years ago
Rust BOFs for Cobalt Strike 254 10 months ago
CoffeeLdr 276 about 1 year ago
HalosGate Processlist Cobalt Strike BOF 95 almost 2 years ago
PPLFaultDumpBOF 134 over 1 year ago
Winsocky 99 over 1 year ago
bof-vs 145 4 months ago
Defender Exclusions BOF 241 over 1 year ago
ScreenShot-BOF 39 over 1 year ago
BofRoast 220 almost 3 years ago
EnumCLR.c
PPEnum 110 over 1 year ago
secinject 88 almost 3 years ago
FindObjects-BOF 266 over 1 year ago
Inject-assembly 485 almost 3 years ago
WhereAmiI 160 almost 2 years ago
GetWebDAVStatus 123 9 months ago
ChromeKeyDump 170 about 2 years ago
Sleeper 170 about 2 years ago
LSASS 101 almost 3 years ago
getsystem 101 almost 3 years ago
Silent Lsass Dump 158 over 2 years ago
unhook-bof 54 almost 3 years ago
Beacon Health Check Aggressor Script 137 about 3 years ago
Registry BOF
InlineExecute-Assembly 617 over 1 year ago
CredBandit 233 over 3 years ago
Inject AMSI Bypass 377 almost 2 years ago
Firewall_Enumerator_BOF 100 about 3 years ago
Detect-Hooks 148 over 3 years ago
unhook-bof 263 about 3 years ago
whereami 160 almost 2 years ago
HOLLOW 267 almost 2 years ago
BOFs 111 over 3 years ago
SCShell 1,418 over 1 year ago
WinRMDLL 140 over 3 years ago
LSASS Dumping With Foreign Handles 98 over 3 years ago
PPLDump BOF 136 about 3 years ago
PortBender 682 almost 2 years ago
BOF2Shellcode 175 about 3 years ago
DLL Hijack Search Order BOF 141 about 3 years ago
InlineWhispers2 178 over 2 years ago
NetUser 417 about 3 years ago
BOF-Nim 84 over 2 years ago
Invoke-Bof 245 about 3 years ago
Cobalt-Clip
CoffLoader 48 almost 2 years ago
COFFLoader2 206 over 2 years ago
Process Protection Level Enumerator BOF 51 over 3 years ago
Toggle_Token_Privileges_BOF 52 5 months ago
Cobalt Strike BOF - Inject ETW Bypass 276 about 3 years ago
HandleKatz_BOF
tgtdelegation 167 about 3 years ago
nanodump 1,813 3 months ago
xPipe Cobalt Strike BOF (x64) 75 almost 2 years ago
AddUser-Bof 70 about 2 years ago
ServiceMove-BOF 284 almost 3 years ago
Detect-Hooks 97 over 3 years ago
MemReader BoF 41 about 1 year ago
Readfile BoF 18 over 2 years ago
ChromiumKeyDump 18 over 2 years ago
LdapSignCheck 177 4 months ago
DelegationBOF 138 over 2 years ago
RunOF 141 almost 2 years ago
KillDefender_BOF 62 over 2 years ago
TokenStripBOF 32 over 2 years ago
BOF - RDPHijack 297 over 2 years ago
Koh 488 over 2 years ago
RDPHijack 297 over 2 years ago
KDStab 156 over 1 year ago
Token Vault BOF for Cobalt Strike 137 over 2 years ago
ASRenum 142 10 months ago
ThreadlessInject-BOF 369 11 months ago
Inline-Execute-PE 648 almost 2 years ago
BOFs 51 almost 2 years ago
DomainPasswordSpray 43 almost 2 years ago
BOF-CredUI 18 about 2 years ago
Cookie-Graber-BOF 172 8 months ago
ScreenshotBOF 346 over 1 year ago
ScreenshotBOFPlus 175 over 1 year ago
Elevate-System-Trusted-BOF 148 over 1 year ago
Hidden Desktop BOF 1,169 about 1 year ago
DropSpawn 219 over 1 year ago
Nanorobeus 284 over 1 year ago
SelfDel 40 over 1 year ago
GetWeChatBOF 17 over 1 year ago
ShadowRDP 62 11 months ago
SharpHound4Cobalt 47 over 1 year ago
CVE-2020-0796-BOF 68 over 4 years ago
ZeroLogon-BOF 157 over 2 years ago
kernel-mii 29 over 1 year ago
PrivKit 383 6 months ago
CVE-2023-36874 202 over 1 year ago
SPAWN 440 almost 2 years ago
PersistBOF 269 almost 2 years ago
ClipboardWindow-Inject 65 over 2 years ago
SigFlip 1,094 over 1 year ago
BokuLoader 1,265 about 1 year ago
AddDefenderExclusions 32 over 1 year ago
BOFMask 110 over 1 year ago
Trusted Path UAC Bypass 119 over 3 years ago
EventViewerUAC_BOF 129 over 2 years ago

Awesome CobaltStrike / 0x04 Aggressor Script

BypassAV 902 over 4 years ago
BypassAV 902 over 4 years ago
scrun 177 over 5 years ago
Useage BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
ShellCode_Loader 413 about 2 years ago
beacon-c2-go 38 almost 5 years ago
C--Shellcode 20 about 5 years ago
Useage python ShellCode Loader (Cobaltstrike&Metasploit)
Doge-Loader 279 over 3 years ago
CS-Loader 820 over 3 years ago
CSSG 638 12 months ago
Alaris 891 9 months ago
CarbonMonoxide 23 over 4 years ago
bypassAV-1 17 almost 4 years ago
ScareCrow 2,752 over 1 year ago
Dent 297 over 1 year ago
PEzor 1,869 11 months ago
FuckThatPacker 630 over 2 years ago
goShellCodeByPassVT
HouQing 125 almost 2 years ago
DesertFox 206 almost 4 years ago
DInjector
GoBypass
Bypass-script 21 over 2 years ago
CobaltWhispers 229 almost 2 years ago
AceLdr 887 7 months ago
SharpTerminator 341 over 1 year ago
UAC-SilentClean 190 over 3 years ago
csload.net 121 over 3 years ago
cs-rdll-example 111 over 4 years ago
Titan
GECC
CobaltStrike beacon in rust 180 4 months ago
red-team-scripts 1,113 28 days ago
Registry-Recon 322 over 2 years ago
aggressor-powerview 67 over 6 years ago
PowerView 11,979 over 4 years ago All functions listed in the PowerView about page are included in this with all arguments for each function
PowerView3-Aggressor 128 over 6 years ago
PowerView 11,979 over 4 years ago PowerView Aggressor Script for CobaltStrike
AggressorScripts 39 about 5 years ago
ServerScan 1,567 6 months ago
TailorScan 279 about 4 years ago
AggressiveProxy 141 about 4 years ago
Spray-AD 426 over 2 years ago
Ladon 4,910 29 days ago
Ladon for Cobalt Strike 1,000 over 2 years ago
Recon-AD 316 about 5 years ago
XSS-Fishing2-CS 134 over 4 years ago
XSS-Phishing 269 over 3 years ago
custom_payload_generator 148 almost 3 years ago
CrossC2 2,311 about 1 year ago
CrossC2 Kit 212 over 1 year ago
Cobaltstrike-MS17-010 418 over 5 years ago
AES-PowerShellCode 108 almost 5 years ago
SweetPotato_CS 240 over 4 years ago
ElevateKit 895 over 4 years ago
CVE-2018-4878 87 almost 7 years ago
Aggressor-Scripts 144 over 6 years ago
CVE_2020_0796_CNA 79 over 4 years ago
ReflectiveDLLInjection 2,767 over 2 years ago 基于 实现的本地提权漏洞
DDEAutoCS 63 about 7 years ago
geacon 1,159 about 4 years ago
geacon_pro
geacon_plus 397 about 1 year ago
SpoolSystem 607 over 2 years ago
CVE-2021-1675_RDL_LPE 147 over 3 years ago
KRBTGS 28 over 1 year ago
PrintSpoofer-ReflectiveDLL 87 about 3 years ago
persistence-aggressor-script 173 over 6 years ago
Peinject_dll
TikiTorch 753 about 3 years ago
CACTUSTORCH 75 over 6 years ago TikiTorch follows the same concept( ) but has multiple types of process injection available, which can be specified by the user at compile time
CACTUSTORCH 997 over 6 years ago
UploadAndRunFrp 63 over 5 years ago
persistence-aggressor-script 42 28 days ago
Persistence Aggressor Script
AggressiveGadgetToJScript 99 about 4 years ago
FrpProPlugin
Automatic-permission-maintenance 4 over 3 years ago
cobalt-strike-persistence 70 over 8 years ago
Cobalt_Strike_CNA 533 almost 3 years ago
CustomKeyboardLayoutPersistence 161 over 1 year ago
SharpEventPersist 367 over 2 years ago
SharpZippo 58 over 2 years ago
SharpExcelibur 87 3 months ago
SharpSword 117 3 months ago
SharpCat 15 over 3 years ago
TabRenamer CNA 23 over 2 years ago
Liquid Snake 327 over 3 years ago
TaskShell 56 almost 4 years ago
generate-rotating-beacon 1 almost 4 years ago
ScareCrow-CobaltStrike 457 over 2 years ago
AggressorScripts 10 over 3 years ago
SharpeningCobaltStrike
CS_Mail_Tip
Cobalt_Strike_Bot 88 almost 2 years ago
Cobaltstrike-atexec 87 over 4 years ago
Sharp-HackBrowserData 95 about 3 years ago
HackBrowserData 168 almost 4 years ago
cobalt_sync 25 5 months ago
samdump
CallBackDump 547 over 1 year ago
SharpeningCobaltStrike
SharpCompile 290 over 4 years ago
Quickrundown 30 almost 6 years ago
NetUser
FileSearch 152 almost 2 years ago
Phant0m_cobaltstrike 27 over 7 years ago
NoPowerShell 968 about 1 year ago
EventLogMaster 361 almost 5 years ago
ANGRYPUPPY 311 over 4 years ago
CobaltStrike_Script_Wechat_Push 44 over 4 years ago
CS-Aggressor-Scripts 77 9 months ago
Aggressor-Scripts 7 almost 7 years ago
cs-magik 33 almost 6 years ago
GetClipboard 12 over 1 year ago
AggressorScripts 7 about 4 years ago
Beaconator 451 over 3 years ago
Raven 194 over 5 years ago
CobaltStrikeParser 1,027 12 months ago
fakelogonscreen 1,301 almost 5 years ago
SyncDog
360SafeBrowsergetpass 611 over 3 years ago
SharpDecryptPwd 1,177 almost 3 years ago
List-GitHubAssembly 66 about 4 years ago
ExecuteAssembly 547 over 3 years ago
aggrokatz 155 over 3 years ago
Zipper 191 almost 5 years ago
CS-ServerChan 93 almost 2 years ago
CS-PushPlus 124 almost 2 years ago
HelpColor 191 9 months ago
CobaltStrike Helpmsg CNA
YouMayPasser 250 over 2 years ago
Sync Downloads 92 over 2 years ago
Headless Strike 147 over 2 years ago
Headless Strike 295 over 2 years ago
Cohab_Processes 81 almost 2 years ago
EnumStrike
AM0N-Eye
aggressor_snippets 23 over 1 year ago
Erebus 1,494 about 3 years ago
CSplugins 17 almost 4 years ago
Cobalt-Strike-Aggressor-Scripts 672 over 3 years ago
Usage 672 over 3 years ago CobaltStrike后渗透测试插件集合
AggressorScripts 800 over 2 years ago
RedTeamTools 1,440 over 3 years ago
cobalt-arsenal 1,048 over 1 year ago
MoveKit 651 almost 5 years ago
intro The aggressor script handles payload creation by reading the template files for a specific execution type
StayKit 468 almost 5 years ago
intro The aggressor script handles payload creation by reading the template files for a specific execution type
AggressorScripts 272 over 2 years ago
AggressorScripts 1,486 over 1 year ago
AggressorScripts 272 over 2 years ago
Aggressor-VYSEC 207 almost 6 years ago
AggressorAssessor 175 4 months ago
AggressorAssessor 175 4 months ago
aggressor-scripts 139 28 days ago
梼杌 1,797 about 1 year ago
Aggressor-scripts 404 over 1 year ago
Aggressor-Script 171 over 6 years ago
Aggressor-Script 533 about 2 years ago
aggressor_scripts_collection 63 about 7 years ago
CobaltStrike-ToolKit 846 about 4 years ago
Arsenal
cobalt-arsenal 1,048 over 1 year ago
aggressor_scripts 168 4 months ago
aggressor 18 almost 5 years ago
CobaltStrikeCNA 29 over 7 years ago
AggressorScripts 28 over 7 years ago
AggressorAssessor 175 4 months ago
AggressorCollection 147 almost 6 years ago
Cobaltstrike-Aggressor-Scripts-Collection 109 almost 5 years ago
aggressorScripts 10 over 2 years ago
Aggressor_Scripts 11 over 3 years ago
cobalt_strike_extension_kit
cobaltstrike 180 almost 4 years ago
365CobaltStrike
Cobalt-Strike
CSPlugins 404 almost 4 years ago
CobaltStrike-xor
Z1-AggressorScripts 545 over 3 years ago
csplugin 243 almost 2 years ago
CSplugins 17 almost 4 years ago
LSTAR 1,166 almost 3 years ago
SharpUtils 46 over 1 year ago
SharpToolsAggressor 498 almost 5 years ago
C.Ex
OLa 628 over 2 years ago
cobaltstrike_brute 28 over 4 years ago
Dissecting Cobalt Strike using Python 148 2 months ago
CobaltSpam 366 over 3 years ago
CobaltStrikeDos 103 about 3 years ago
CS_mock 78 over 2 years ago
CS_fakesubmit 130 about 2 years ago
CobaltStrikeScan 130 about 2 years ago
grab_beacon_config 447 over 3 years ago
C2-JARM 135 over 1 year ago
JARM 1,180 over 1 year ago
DetectCobaltStomp
cobaltstrike 265 over 3 years ago
CS_Decrypt 140 about 4 years ago
CS Scripts 32 over 3 years ago
PyBeacon 168 almost 4 years ago
cobaltstrikescan 455 5 months ago
CobaltStrikeForensic 206 almost 2 years ago
DuckMemoryScan 711 over 2 years ago
CobaltSplunk Splunk Application 85 almost 4 years ago
BeaconHunter 482 over 2 years ago
CobaltStrikeDetected 272 over 3 years ago
BeaconEye 892 3 months ago
Beacon_re 86 over 2 years ago
Beacon.dll 137 over 3 years ago
SharpBeacon
EvilEye 148 over 2 years ago
Hunt-Sleeping-Beacons 148 over 2 years ago
CSRouge 9 over 2 years ago
Cobalt Strike Discovery 20 4 months ago
bypass-beacon-config-scan 84 over 3 years ago
bypass-beacon-config-scan 134 over 2 years ago
Cooolis-ms 913 4 months ago
UrbanBishopLocal 115 about 4 years ago
UrbanBishop 1,117 almost 2 years ago A port of FuzzySecurity's project for inline shellcode execution
ShellcodeLoader
ZheTian 728 about 2 years ago
EXOCET 837 over 2 years ago
SecondaryDevCobaltStrike
Bypass_Go 32 almost 4 years ago
CrossNet-Beta 362 6 months ago
EVA
BypassAV 902 over 4 years ago
NimShellCodeLoader 640 21 days ago
beacon_hook_bypass_memscan 24 over 3 years ago
https://xz.aliyun.com/t/9399 cs bypass卡巴斯基内存查杀:
ZheTian 728 about 2 years ago
bypassAV 52 about 3 years ago
JsLoader 357 almost 4 years ago
ShellcodeLoader 523 over 4 years ago
Alt-Beacon-Payload 20 almost 4 years ago
https://github.com/fullmetalcache/CsharpMMNiceness 31 almost 6 years ago Beacon payload using AV bypass method from and shellcode generated from
SigFlip 1,094 over 1 year ago
SigFlip 45 almost 3 years ago
Shellcode Fluctuation PoC 957 over 2 years ago
cool 691 over 1 year ago
ThreadStackSpoofer 1,053 over 2 years ago
SleepyCrypt 330 over 3 years ago
GobypassAV 823 over 1 year ago
AtomLdr 676 almost 2 years ago
Beacon
Linco2 136 over 4 years ago
beacon-object-files 10 about 4 years ago
C2ReverseProxy 480 over 1 year ago
Cobalt strike custom 404 page 63 over 4 years ago
StageStrike 106 over 4 years ago
CS_SSLGen 2 almost 7 years ago
CobaltPatch 37 over 4 years ago
pycobalt 293 almost 3 years ago
redshell 209 over 2 years ago
CobaltStrikeToGhostWriter 29 about 4 years ago
Ansible-Cobalt-Strike 16 over 4 years ago
cobaltstrike_runtimeconfig
pystinger 1,377 about 3 years ago
ansible-role-cobalt-strike 74 11 days ago
CrossNet 362 6 months ago
CrossC2-C2Profile 83 over 3 years ago
BypassAddUser 46 about 4 years ago
Docker-CobaltStrike
TeamServer.prop 62 5 months ago
Cobalt_Strike_Ansible 33 about 3 years ago
Ansible Role: Cobalt Strike 31 almost 4 years ago
csOnvps 288 over 2 years ago
Cobalt Strike Sleep Python Bridge 169 over 1 year ago
c2_reporter 20 about 4 years ago
Cobalt Strike Beacon Dataset 125 over 2 years ago
Dumpert 1,496 almost 4 years ago
DuplicateDump 199 almost 3 years ago
BOFHound 311 10 months ago
PersistAssist 248 over 1 year ago
ElusiveMice 427 over 1 year ago
GoFileBinder 157 about 3 years ago
geacon 1,159 about 4 years ago
geacon 159 over 2 years ago
redi 140 about 7 years ago
cs2modrewrite 585 almost 2 years ago
cs2webconfig 110 over 3 years ago
RedGuard 1,420 4 months ago
WebGuard 32 over 2 years ago
RedWarden 933 about 2 years ago
RedCaddy 197 7 months ago
Oratu
Oss-stinger 343 about 2 years ago
Apache Mod_Rewrite Terrafrom Automation 46 almost 4 years ago
Red-EC2 59 over 4 years ago
Rapid Attack Infrastructure 300 23 days ago
RedCommander 221 about 4 years ago
here Creates two Cobalt Strike C2 servers (DNS and HTTPS), with redirectors, and RedELK in Amazon AWS. Minimal setup required! Companion Blog
CobaltPatch
CPLResourceRunner 253 about 4 years ago
csdroid 52 about 2 years ago
vscode-language-aggressor 124 6 months ago
PayloadAutomation 118 over 2 years ago
CrackSleeve 26 over 3 years ago
beacon
ExternalC2.NET 84 about 3 years ago
GPUSleep 239 about 3 years ago
CallStackMasker 256 almost 2 years ago
CSAgent
SilasCutler JARM Scan CobaltStrike Beacon Config.json
Cobalt Strike hashes
List of Cobalt Strike servers
CobaltStrike samples pass=infected
List of spawns from exposed Cobalt Strike C2
C2IntelFeeds 540 1 day ago
apt_cobaltstrike 2,509 5 days ago
apt_cobaltstrike_evasive 2,509 5 days ago
rules 265 over 3 years ago
suricata-rules 1,141 over 1 year ago

Backlinks from these awesome lists:

More related projects: