Awesome-CobaltStrike

List of Awesome CobaltStrike Resources

GitHub
4k stars
101 watching
733 forks
last commit: about 1 year ago
Linked from 1 awesome list

cobalt-strikeredteamsecurity

Screenshot of zer0yu/Awesome-CobaltStrike website

github.com/zer0yu/Awesome-CobaltStrike

Awesome CobaltStrike / 0x01 Articles & Videos
Cobalt_Strike_wiki 2,233 10 months ago
Cobalt Strike Book
CobaltStrike4.0笔记 396 over 4 years ago
CobaltStrike相关网络文章集合
Cobalt Strike 外部 C2 之原理篇
Cobalt Strike 桌面控制问题的解决(以及屏幕截图等后渗透工具)
Cobalt Strike & MetaSploit 联动
Cobalt-Strike-CheatSheet 972 over 2 years ago
Cobalt Strike MITRE TTPs 1,275 about 2 years ago
Red Team Operations with Cobalt Strike (2019) 19 over 3 years ago
Cobalt Strike: Overview
CobaltStrike插件开发
Cobalt Strike 中文 Wiki 172 about 1 year ago
IntelliJ-IDEA修改cobaltstrike
CobaltStrike二次开发环境准备
Cobal Strike 自定义OneLiner
通过反射DLL注入来构建后渗透模块(第一课)
Cobalt Strike Aggressor Script (第一课)
Cobalt Strike Aggressor Script (第二课)
Implementing Syscalls In The Cobaltstrike Artifact Kit
Cobalt Strike 4.0 认证及修补过程
使用ReflectiveDLLInjection武装你的CobaltStrike
Bypass cobaltstrike beacon config scan
Tailoring Cobalt Strike on Target
COFFLOADER: BUILDING YOUR OWN IN MEMORY LOADER OR HOW TO RUN BOFS
Yet Another Cobalt Strike Stager: GUID Edition
Cobalt Strike4.3 破解日记
Cobalt Strike 进程创建与对应的 Syslog 日志分析
Behind the Mask: Spoofing Call Stacks Dynamically with Timers
Cobalt Strike Spear Phish
run CS in win -- teamserver.bat
Remote NTLM relaying through CS -- related to CVE_2018_8581
Cobalt Strike Convet VPN
渗透神器CS3.14搭建使用及流量分析
CobaltStrike生成免杀shellcode
CS-notes --一系列CS的使用技巧笔记
使用 Cobalt Strike 对 Linux 主机进行后渗透
Cobalt Strike Listener with Proxy
Cobalt Strike Convet VPN
CS 4.0 SMB Beacon
Cobalt Strike 浏览器跳板攻击
Cobalt Strike 中 Bypass UAC
一起探索Cobalt Strike的ExternalC2框架
深入探索Cobalt Strike的ExternalC2框架
Cobalt Strike的特殊功能(external_C2)探究
A tale of .NET assemblies, cobalt strike size constraints, and reflection
AppDomain.AssemblyResolve
从webshell建立代理上线不出网的内网机器
在Cobalt Strike BOF中进行直接系统调用
Using Direct Syscalls in Cobalt Strike's Artifact Kit
Cobalt Strike Staging and Extracting Configuration Information
Create a proxy DLL with artifact kit
Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
Lateral Movement with LiquidSnake
CoffLoader from OtterHacker
CobaltStrike证书修改躲避流量审查
CS 合法证书 + Powershell 上线
Cobalt Strike 团队服务器隐匿
红队基础建设:隐藏你的C2 server
Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite
深入研究cobalt strike malleable C2配置文件
A Brave New World: Malleable C2
How to Write Malleable C2 Profiles for Cobalt Strike
Randomized Malleable C2 Profiles Made Easy
关于CobaltStrike的Stager被扫问题
Beacon Stager listener 去特征
检测与隐藏Cobaltstrike服务器
记一次cs bypass卡巴斯基内存查杀
cs bypass卡巴斯基内存查杀 2
Cobalt Strike – Bypassing C2 Network Detections
Cobalt Strike特征隐藏
Cobalt Strike 反溯源之 CDN 篇
Unleashing The Unseen: Harnessing The Power Of Cobalt Strike Profiles For EDR Evasion
blog Volatility Plugin for Detecting Cobalt Strike Beacon. |
逆向分析Cobalt Strike安装后门
分析cobaltstrike c2 协议 67 over 4 years ago
tool Small to decrypt a Cobalt Strike auth file
Cobalt Strike 的 ExternalC2
Detecting Cobalt Strike Default Modules via Named Pipe Analysis
浅析CobaltStrike Beacon Staging Server扫描
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Analyzing Cobalt Strike for Fun and Profit
Cobalt Strike Remote Threads detection
The art and science of detecting Cobalt Strike
A Multi-Method Approach to Identifying Rogue Cobalt Strike Servers
How to detect Cobalt Strike activities in memory forensics
Detecting Cobalt Strike by Fingerprinting Imageload Events
The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration
CobaltStrike - beacon.dll : Your No Ordinary MZ Header
GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic
Detecting Cobalt Strike beacons in NetFlow data
Volatility Plugin for Detecting Cobalt Strike Beacon
Easily Identify Malicious Servers on the Internet with JARM
Cobalt Strike Beacon Analysis
Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike
Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike
Hiding in the Cloud: Cobalt Strike Beacon C2 using Amazon APIs
Identifying Cobalt Strike team servers in the wild
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
Operation Cobalt Kitty
Detecting and Advancing In-Memory .NET Tradecraft
Analysing Fileless Malware: Cobalt Strike Beacon
IndigoDrop spreads via military-themed lures to deliver Cobalt Strike
Cobalt Group Returns To Kazakhstan
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go – Let’s Catch Cobalt Strike!
Cobalt Strike stagers used by FIN6
Malleable C2 Profiles and You
C2 Traffic patterns including Cobalt Strike
Cobalt Strike DNS Direct Egress Not That Far Away
Detecting Exposed Cobalt Strike DNS Redirectors
Example of Cleartext Cobalt Strike Traffic
Cobaltstrike-Beacons analyzed
通过DNS协议探测Cobalt Strike服务器
Detecting Cobalt Strike with memory signatures
CobaltStrike通信中host字段的获取
反击CobaltStrike(一) 以假乱真
某 C2 鸡肋漏洞分析:你的 CS 安全吗?
Cobalt Strike Beacon Analysis from a Live C2
Malleable Memory Indicators with Cobalt Strike's Beacon Payload
STAR Webcast: Spooky RYUKy: The Return of UNC1878
Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
Profiling And Detecting All Things SSL With JA3

Awesome CobaltStrike / 0x02 C2 Profiles
Malleable-C2-Profiles 1,484 over 3 years ago
Malleable-C2-Randomizer 432 about 2 years ago
malleable-c2 1,592 10 months ago
Malleable-C2-Profiles 331 over 1 year ago
random_c2_profile 619 over 1 year ago
SourcePoint 1,027 6 months ago
C2concealer 994 3 months ago
MalleableC2-Profiles 34 almost 4 years ago
MalleableC2-Profiles 757 almost 2 years ago
pyMalleableC2 263 5 months ago
1135-CobaltStrike-ToolKit 151 10 months ago
service_cobaltstrike 39 about 3 years ago
CobaltNotion 53 over 2 years ago
Burp2Malleable 360 over 1 year ago
autoRebind 19 over 1 year ago
goMalleable 58 5 months ago
Malleable-CS-Profiles 355 7 months ago

Awesome CobaltStrike / 0x03 BOF
BOF_Collection 563 almost 2 years ago
cobaltstrike-bof-toolset
Situational Awareness BOF 1,229 26 days ago
Blog Its larger goal is providing a code example and workflow for others to begin making more BOF files
bof_helper 219 over 2 years ago
BOF-DLL-Inject 146 about 4 years ago
cobaltstrike_bofs 158 about 2 years ago
BOF-RegSave 185 almost 4 years ago
CobaltStrike BOF 340 over 1 year ago
BOFs 540 almost 2 years ago
Remote Operations BOF 755 16 days ago
OperatorsKit 514 3 months ago
bof 608 about 2 years ago
Needle_Sift_BOF 30 about 3 years ago
Quser-BOF 82 over 1 year ago
BOF.NET 659 about 1 month ago
beacon-object-file
here The format, described by Mudge , asks that the operator construct an COFF file using a mingw-w64 compiler or the msvc compiler that holds an symbol name indicating its entrypoint, and underlying function calls
InlineWhispers 303 almost 3 years ago
WdToggle 212 over 1 year ago
Situational Awareness BOF 1,229 26 days ago
MiniDumpWriteDump 165 over 3 years ago
COFF Loader 460 11 days ago
Self_Deletion_BOF 169 about 3 years ago
PE Import Enumerator BOF 82 almost 3 years ago
Visual-Studio-BOF-template 279 almost 3 years ago
BOF-Builder 26 about 1 year ago
ELFLoader 245 over 2 years ago
Rust BOFs for Cobalt Strike 238 8 months ago
CoffeeLdr 271 10 months ago
HalosGate Processlist Cobalt Strike BOF 93 over 1 year ago
PPLFaultDumpBOF 132 over 1 year ago
Winsocky 96 about 1 year ago
bof-vs 129 about 2 months ago
Defender Exclusions BOF 239 over 1 year ago
ScreenShot-BOF 39 about 1 year ago
BofRoast 215 over 2 years ago
EnumCLR.c
PPEnum 102 over 1 year ago
secinject 87 over 2 years ago
FindObjects-BOF 265 over 1 year ago
Inject-assembly 477 over 2 years ago
WhereAmiI 160 over 1 year ago
GetWebDAVStatus 117 7 months ago
ChromeKeyDump 169 almost 2 years ago
Sleeper 169 almost 2 years ago
LSASS 100 over 2 years ago
getsystem 100 over 2 years ago
Silent Lsass Dump 159 over 2 years ago
unhook-bof 54 over 2 years ago
Beacon Health Check Aggressor Script 138 about 3 years ago
Registry BOF
InlineExecute-Assembly 592 about 1 year ago
CredBandit 230 about 3 years ago
Inject AMSI Bypass 374 over 1 year ago
Firewall_Enumerator_BOF 100 almost 3 years ago
Detect-Hooks 146 about 3 years ago
unhook-bof 262 about 3 years ago
whereami 160 over 1 year ago
HOLLOW 263 over 1 year ago
BOFs 111 about 3 years ago
SCShell 1,385 about 1 year ago
WinRMDLL 139 about 3 years ago
LSASS Dumping With Foreign Handles 95 about 3 years ago
PPLDump BOF 134 about 3 years ago
PortBender 666 over 1 year ago
BOF2Shellcode 170 almost 3 years ago
DLL Hijack Search Order BOF 140 almost 3 years ago
InlineWhispers2 177 about 2 years ago
NetUser 414 about 3 years ago
BOF-Nim 84 about 2 years ago
Invoke-Bof 245 almost 3 years ago
Cobalt-Clip
CoffLoader 48 over 1 year ago
COFFLoader2 191 about 2 years ago
Process Protection Level Enumerator BOF 51 about 3 years ago
Toggle_Token_Privileges_BOF 51 3 months ago
Cobalt Strike BOF - Inject ETW Bypass 275 about 3 years ago
HandleKatz_BOF
tgtdelegation 153 almost 3 years ago
nanodump 1,746 18 days ago
xPipe Cobalt Strike BOF (x64) 75 over 1 year ago
AddUser-Bof 69 almost 2 years ago
ServiceMove-BOF 279 over 2 years ago
Detect-Hooks 94 about 3 years ago
MemReader BoF 41 10 months ago
Readfile BoF 18 over 2 years ago
ChromiumKeyDump 18 over 2 years ago
LdapSignCheck 164 about 2 months ago
DelegationBOF 137 over 2 years ago
RunOF 139 over 1 year ago
KillDefender_BOF 56 over 2 years ago
TokenStripBOF 32 over 2 years ago
BOF - RDPHijack 292 about 2 years ago
Koh 484 about 2 years ago
RDPHijack 292 about 2 years ago
KDStab 154 over 1 year ago
Token Vault BOF for Cobalt Strike 136 about 2 years ago
ASRenum 137 7 months ago
ThreadlessInject-BOF 365 9 months ago
Inline-Execute-PE 629 over 1 year ago
BOFs 51 over 1 year ago
DomainPasswordSpray 42 over 1 year ago
BOF-CredUI 18 almost 2 years ago
Cookie-Graber-BOF 164 5 months ago
ScreenshotBOF 340 over 1 year ago
ScreenshotBOFPlus 170 over 1 year ago
Elevate-System-Trusted-BOF 143 over 1 year ago
Hidden Desktop BOF 1,146 10 months ago
DropSpawn 215 over 1 year ago
Nanorobeus 277 over 1 year ago
SelfDel 40 over 1 year ago
GetWeChatBOF 17 about 1 year ago
ShadowRDP 61 8 months ago
SharpHound4Cobalt 46 over 1 year ago
CVE-2020-0796-BOF 68 about 4 years ago
ZeroLogon-BOF 156 over 2 years ago
kernel-mii 30 over 1 year ago
PrivKit 364 4 months ago
CVE-2023-36874 200 about 1 year ago
SPAWN 427 over 1 year ago
PersistBOF 264 over 1 year ago
ClipboardWindow-Inject 63 about 2 years ago
SigFlip 1,059 about 1 year ago
BokuLoader 1,245 11 months ago
AddDefenderExclusions 31 over 1 year ago
BOFMask 105 over 1 year ago
Trusted Path UAC Bypass 116 about 3 years ago
EventViewerUAC_BOF 128 over 2 years ago

Awesome CobaltStrike / 0x04 Aggressor Script
BypassAV 898 about 4 years ago
BypassAV 898 about 4 years ago
scrun 177 about 5 years ago
Useage BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
ShellCode_Loader 407 about 2 years ago
beacon-c2-go 38 over 4 years ago
C--Shellcode 20 almost 5 years ago
Useage python ShellCode Loader (Cobaltstrike&Metasploit)
Doge-Loader 279 over 3 years ago
CS-Loader 816 about 3 years ago
CSSG 635 9 months ago
Alaris 884 7 months ago
CarbonMonoxide 22 over 4 years ago
bypassAV-1 17 over 3 years ago
ScareCrow 2,717 about 1 year ago
Dent 295 about 1 year ago
PEzor 1,814 8 months ago
FuckThatPacker 626 over 2 years ago
goShellCodeByPassVT
HouQing 125 over 1 year ago
DesertFox 205 over 3 years ago
DInjector
GoBypass
Bypass-script 21 over 2 years ago
CobaltWhispers 225 almost 2 years ago
AceLdr 867 4 months ago
SharpTerminator 306 over 1 year ago
UAC-SilentClean 188 about 3 years ago
csload.net 121 over 3 years ago
cs-rdll-example 110 over 4 years ago
Titan
GECC
CobaltStrike beacon in rust 162 about 2 months ago
red-team-scripts 1,108 almost 5 years ago
Registry-Recon 320 over 2 years ago
aggressor-powerview 65 over 6 years ago
PowerView 11,812 about 4 years ago All functions listed in the PowerView about page are included in this with all arguments for each function
PowerView3-Aggressor 126 about 6 years ago
PowerView 11,812 about 4 years ago PowerView Aggressor Script for CobaltStrike
AggressorScripts 39 almost 5 years ago
ServerScan 1,544 4 months ago
TailorScan 278 almost 4 years ago
AggressiveProxy 140 almost 4 years ago
Spray-AD 423 over 2 years ago
Ladon 4,818 about 2 months ago
Ladon for Cobalt Strike 981 about 2 years ago
Recon-AD 314 almost 5 years ago
XSS-Fishing2-CS 132 over 4 years ago
XSS-Phishing 268 over 3 years ago
custom_payload_generator 146 almost 3 years ago
CrossC2 2,251 11 months ago
CrossC2 Kit 205 about 1 year ago
Cobaltstrike-MS17-010 416 over 5 years ago
AES-PowerShellCode 106 almost 5 years ago
SweetPotato_CS 238 over 4 years ago
ElevateKit 885 over 4 years ago
CVE-2018-4878 87 over 6 years ago
Aggressor-Scripts 144 over 6 years ago
CVE_2020_0796_CNA 78 about 4 years ago
ReflectiveDLLInjection 2,709 about 2 years ago 基于 实现的本地提权漏洞
DDEAutoCS 63 almost 7 years ago
geacon 1,141 about 4 years ago
geacon_pro
geacon_plus 383 12 months ago
SpoolSystem 608 about 2 years ago
CVE-2021-1675_RDL_LPE 147 about 3 years ago
KRBTGS 28 over 1 year ago
PrintSpoofer-ReflectiveDLL 87 almost 3 years ago
persistence-aggressor-script 171 over 6 years ago
Peinject_dll
TikiTorch 749 almost 3 years ago
CACTUSTORCH 75 over 6 years ago TikiTorch follows the same concept( ) but has multiple types of process injection available, which can be specified by the user at compile time
CACTUSTORCH 994 over 6 years ago
UploadAndRunFrp 62 about 5 years ago
persistence-aggressor-script 42 about 8 years ago
Persistence Aggressor Script
AggressiveGadgetToJScript 99 about 4 years ago
FrpProPlugin
Automatic-permission-maintenance 4 over 3 years ago
cobalt-strike-persistence 70 about 8 years ago
Cobalt_Strike_CNA 517 over 2 years ago
CustomKeyboardLayoutPersistence 161 over 1 year ago
SharpEventPersist 364 over 2 years ago
SharpZippo 58 over 2 years ago
SharpExcelibur 85 8 days ago
SharpSword 114 about 1 year ago
SharpCat 15 about 3 years ago
TabRenamer CNA 23 over 2 years ago
Liquid Snake 329 about 3 years ago
TaskShell 56 over 3 years ago
generate-rotating-beacon 1 over 3 years ago
ScareCrow-CobaltStrike 453 about 2 years ago
AggressorScripts 10 over 3 years ago
SharpeningCobaltStrike
CS_Mail_Tip
Cobalt_Strike_Bot 87 over 1 year ago
Cobaltstrike-atexec 87 over 4 years ago
Sharp-HackBrowserData 95 almost 3 years ago
HackBrowserData 169 over 3 years ago
cobalt_sync 25 2 months ago
samdump
CallBackDump 543 about 1 year ago
SharpeningCobaltStrike
SharpCompile 290 about 4 years ago
Quickrundown 30 over 5 years ago
NetUser
FileSearch 151 over 1 year ago
Phant0m_cobaltstrike 27 over 7 years ago
NoPowerShell 961 11 months ago
EventLogMaster 358 almost 5 years ago
ANGRYPUPPY 308 over 4 years ago
CobaltStrike_Script_Wechat_Push 44 over 4 years ago
CS-Aggressor-Scripts 77 7 months ago
Aggressor-Scripts 7 over 6 years ago
cs-magik 33 almost 6 years ago
GetClipboard 12 about 1 year ago
AggressorScripts 7 almost 4 years ago
Beaconator 451 about 3 years ago
Raven 194 about 5 years ago
CobaltStrikeParser 1,011 10 months ago
fakelogonscreen 1,287 over 4 years ago
SyncDog
360SafeBrowsergetpass 604 over 3 years ago
SharpDecryptPwd 1,157 over 2 years ago
List-GitHubAssembly 66 almost 4 years ago
ExecuteAssembly 538 about 3 years ago
aggrokatz 156 over 3 years ago
Zipper 188 over 4 years ago
CS-ServerChan 92 over 1 year ago
CS-PushPlus 122 over 1 year ago
HelpColor 189 7 months ago
CobaltStrike Helpmsg CNA
YouMayPasser 242 about 2 years ago
Sync Downloads 92 over 2 years ago
Headless Strike 147 about 2 years ago
Headless Strike 294 about 2 years ago
Cohab_Processes 81 over 1 year ago
EnumStrike
AM0N-Eye
aggressor_snippets 23 over 1 year ago
Erebus 1,465 almost 3 years ago
CSplugins 17 over 3 years ago
Cobalt-Strike-Aggressor-Scripts 668 about 3 years ago
Usage 668 about 3 years ago CobaltStrike后渗透测试插件集合
AggressorScripts 779 about 2 years ago
RedTeamTools 1,435 about 3 years ago
cobalt-arsenal 1,031 over 1 year ago
MoveKit 641 over 4 years ago
intro The aggressor script handles payload creation by reading the template files for a specific execution type
StayKit 462 over 4 years ago
intro The aggressor script handles payload creation by reading the template files for a specific execution type
AggressorScripts 271 about 2 years ago
AggressorScripts 1,479 over 1 year ago
AggressorScripts 271 about 2 years ago
Aggressor-VYSEC 207 over 5 years ago
AggressorAssessor 171 about 2 months ago
AggressorAssessor 171 about 2 months ago
aggressor-scripts 139 about 3 years ago
梼杌 1,785 11 months ago
Aggressor-scripts 403 about 1 year ago
Aggressor-Script 171 about 6 years ago
Aggressor-Script 527 almost 2 years ago
aggressor_scripts_collection 63 about 7 years ago
CobaltStrike-ToolKit 843 almost 4 years ago
Arsenal
cobalt-arsenal 1,031 over 1 year ago
aggressor_scripts 164 about 2 months ago
aggressor 18 over 4 years ago
CobaltStrikeCNA 29 over 7 years ago
AggressorScripts 28 over 7 years ago
AggressorAssessor 171 about 2 months ago
AggressorCollection 147 over 5 years ago
Cobaltstrike-Aggressor-Scripts-Collection 108 over 4 years ago
aggressorScripts 10 about 2 years ago
Aggressor_Scripts 11 about 3 years ago
cobalt_strike_extension_kit
cobaltstrike 180 over 3 years ago
365CobaltStrike
Cobalt-Strike
CSPlugins 400 almost 4 years ago
CobaltStrike-xor
Z1-AggressorScripts 543 over 3 years ago
csplugin 242 over 1 year ago
CSplugins 17 over 3 years ago
LSTAR 1,132 over 2 years ago
SharpUtils 46 over 1 year ago
SharpToolsAggressor 496 over 4 years ago
C.Ex
OLa 617 about 2 years ago
cobaltstrike_brute 28 about 4 years ago
Dissecting Cobalt Strike using Python 145 9 days ago
CobaltSpam 365 about 3 years ago
CobaltStrikeDos 103 about 3 years ago
CS_mock 80 about 2 years ago
CS_fakesubmit 127 about 2 years ago
CobaltStrikeScan 127 about 2 years ago
grab_beacon_config 445 about 3 years ago
C2-JARM 136 over 1 year ago
JARM 1,158 about 1 year ago
DetectCobaltStomp
cobaltstrike 263 over 3 years ago
CS_Decrypt 138 almost 4 years ago
CS Scripts 31 over 3 years ago
PyBeacon 167 almost 4 years ago
cobaltstrikescan 451 3 months ago
CobaltStrikeForensic 205 over 1 year ago
DuckMemoryScan 693 about 2 years ago
CobaltSplunk Splunk Application 83 over 3 years ago
BeaconHunter 479 about 2 years ago
CobaltStrikeDetected 262 about 3 years ago
BeaconEye 875 about 1 month ago
Beacon_re 86 over 2 years ago
Beacon.dll 134 about 3 years ago
SharpBeacon
EvilEye 145 about 2 years ago
Hunt-Sleeping-Beacons 145 about 2 years ago
CSRouge 9 over 2 years ago
Cobalt Strike Discovery 19 about 2 months ago
bypass-beacon-config-scan 84 over 3 years ago
bypass-beacon-config-scan 135 about 2 years ago
Cooolis-ms 908 about 2 months ago
UrbanBishopLocal 115 about 4 years ago
UrbanBishop 1,106 almost 2 years ago A port of FuzzySecurity's project for inline shellcode execution
ShellcodeLoader
ZheTian 724 almost 2 years ago
EXOCET 828 about 2 years ago
SecondaryDevCobaltStrike
Bypass_Go 32 over 3 years ago
CrossNet-Beta 362 4 months ago
EVA
BypassAV 898 about 4 years ago
NimShellCodeLoader 618 9 months ago
beacon_hook_bypass_memscan 24 about 3 years ago
https://xz.aliyun.com/t/9399 cs bypass卡巴斯基内存查杀:
ZheTian 724 almost 2 years ago
bypassAV 52 about 3 years ago
JsLoader 357 over 3 years ago
ShellcodeLoader 518 about 4 years ago
Alt-Beacon-Payload 20 over 3 years ago
https://github.com/fullmetalcache/CsharpMMNiceness 31 over 5 years ago Beacon payload using AV bypass method from and shellcode generated from
SigFlip 1,059 about 1 year ago
SigFlip 35 almost 3 years ago
Shellcode Fluctuation PoC 916 over 2 years ago
cool 688 about 1 year ago
ThreadStackSpoofer 1,018 over 2 years ago
SleepyCrypt 330 about 3 years ago
GobypassAV 800 about 1 year ago
AtomLdr 643 over 1 year ago
Beacon
Linco2 135 over 4 years ago
beacon-object-files 10 almost 4 years ago
C2ReverseProxy 477 over 1 year ago
Cobalt strike custom 404 page 62 over 4 years ago
StageStrike 106 over 4 years ago
CS_SSLGen 2 over 6 years ago
CobaltPatch 37 about 4 years ago
pycobalt 291 over 2 years ago
redshell 209 about 2 years ago
CobaltStrikeToGhostWriter 28 almost 4 years ago
Ansible-Cobalt-Strike 16 about 4 years ago
cobaltstrike_runtimeconfig
pystinger 1,363 about 3 years ago
ansible-role-cobalt-strike 74 about 2 months ago
CrossNet 362 4 months ago
CrossC2-C2Profile 83 about 3 years ago
BypassAddUser 45 almost 4 years ago
Docker-CobaltStrike
TeamServer.prop 61 3 months ago
Cobalt_Strike_Ansible 33 about 3 years ago
Ansible Role: Cobalt Strike 31 over 3 years ago
csOnvps 289 over 2 years ago
Cobalt Strike Sleep Python Bridge 166 over 1 year ago
c2_reporter 20 almost 4 years ago
Cobalt Strike Beacon Dataset 122 over 2 years ago
Dumpert 1,471 almost 4 years ago
DuplicateDump 194 over 2 years ago
BOFHound 293 7 months ago
PersistAssist 249 over 1 year ago
ElusiveMice 415 about 1 year ago
GoFileBinder 154 almost 3 years ago
geacon 1,141 about 4 years ago
geacon 157 about 2 years ago
redi 139 almost 7 years ago
cs2modrewrite 579 over 1 year ago
cs2webconfig 109 about 3 years ago
RedGuard 1,373 about 2 months ago
WebGuard 31 over 2 years ago
RedWarden 914 almost 2 years ago
RedCaddy 189 4 months ago
Oratu
Oss-stinger 340 almost 2 years ago
Apache Mod_Rewrite Terrafrom Automation 46 over 3 years ago
Red-EC2 59 about 4 years ago
Rapid Attack Infrastructure 294 almost 3 years ago
RedCommander 219 about 4 years ago
here Creates two Cobalt Strike C2 servers (DNS and HTTPS), with redirectors, and RedELK in Amazon AWS. Minimal setup required! Companion Blog
CobaltPatch
CPLResourceRunner 252 almost 4 years ago
csdroid 52 almost 2 years ago
vscode-language-aggressor 123 4 months ago
PayloadAutomation 116 over 2 years ago
CrackSleeve 26 over 3 years ago
beacon
ExternalC2.NET 83 almost 3 years ago
GPUSleep 213 almost 3 years ago
CallStackMasker 244 over 1 year ago
CSAgent
SilasCutler JARM Scan CobaltStrike Beacon Config.json
Cobalt Strike hashes
List of Cobalt Strike servers
CobaltStrike samples pass=infected
List of spawns from exposed Cobalt Strike C2
C2IntelFeeds 514 8 days ago
apt_cobaltstrike 2,449 8 days ago
apt_cobaltstrike_evasive 2,449 8 days ago
rules 263 over 3 years ago
suricata-rules 1,120 about 1 year ago

Backlinks from these awesome lists: