#Cobalt_Strike
It's just an implementation of an in-house CoffLoader supporting #CobaltStrike standard BOFs and BSS-initialized variables.
Look at the main.c file to change the BOF and its parameters. Cobalt Strike handles the BOF parameters in a special way; the Arg structure is there to make passing parameters easier.
https://github.com/OtterHacker/CoffLoader
@BlueRedTeam
Python parser for #Cobalt_Strike stagers
Use parse_stager_config.py to search a file for Cobalt Strike stager shellcode. If shellcode is found, it will be extracted in JSON format.
https://github.com/stairwell-inc/cobalt-strike-stager-parser
@BlueRedTeam
#Red_Team
Collection of tooling to use on Red Team engagements.
https://github.com/burnbrian/redteam-tooling
A curated list of Cybersecurity tools for Penetration Testing or Red Teaming.
https://github.com/q0phi80/CybersecurityTools
Eden Red Teaming
https://github.com/Eden-Advisory/altakahun
@BlueRedTeam
#Cobalt_Strike
All in 1 repo for anything and everything I work with that is Cobalt Strike related.
https://github.com/Altoid0/CobaltStrike-Library
@BlueRedTeam
#Red_Team
Collection of tooling to use on Red Team engagements.
https://github.com/burnbrian/redteam-utilities
@BlueRedTeam
#Red_Team
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
https://github.com/PaulNorman01/Forensia
@BlueRedTeam
#Cobalt_Strike
Supports Cobalt Strike security assessments of other platforms (Linux/MacOS/...) and includes development support for Unix post-penetration modules.
https://github.com/gloxec/CrossC2
Wiki 📖 https://gloxec.github.io/CrossC2/en/
@BlueRedTeam
#C2 #Cobalt_Strike
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions.
C2 Feature:
▫️ Persistence (type persist)
▫️ Shell Access
▫️ System Info (type info)
▫️ More Features Will Be Added
Features:
▫️ FUD Ratio 0/40
▫️ Bypass Any EDR's Solutions
▫️ Bypass Any Network Restrictions
▫️ Commands Are Being Sent in Base64 And Decoded on server side
▫️ No More Tcp Shits
https://github.com/machine1337/gmailc2
@BlueRedTeam
#Red_Team
A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc.
https://github.com/infosecn1nja/red-team-scripts
@BlueRedTeam
#Cobalt_Strike
amd ryzen driver exploit
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
https://github.com/tijme/amd-ryzen-master-driver-v17-exploit
@BlueRedTeam
#Red_Team
Inline-Execute-PE is a suite of Beacon Object Files (BOFs) and an accompanying Aggressor script for #Cobalt_Strike that enables Operators to load unmanaged Windows executables into Beacon memory and execute them, retrieving the output and rendering it in the Beacon console.
https://github.com/Octoberfest7/Inline-Execute-PE
@BlueRedTeam
#Red_Team
NativePayload_PE1/PE2: injecting Meterpreter payload bytes into a local process via the delegation technique, in memory, with a delay, changing RWX to X or RX or both [bypassing AVs].
https://github.com/DamonMohammadbagher/NativePayload_PE1
@BlueRedTeam
#Red_Team
This tool is used for backdoor and shellcode generation for various architecture devices.
https://github.com/doudoudedi/hackEmbedded
@BlueRedTeam
#Red_Team
The shortest payload for a tiny PHP reverse shell, written in 19 bytes using only non-alphanumeric characters. Hex values inside indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.
https://gist.github.com/0xSojalSec/5bee09c7035985ddc13fddb16f191075
@BlueRedTeam
#Cobalt_Strike Beacon Notifier
A #CobaltStrike Beacon Notifier via #Telegram #Bot.
Features:
▫️ Showing the Name of the Current User
▫️ Showing the Computer Name of the Current User
▫️ Showing the Type and Version of the Operating System
▫️ Showing the Type of the Process Exec Name
▫️ Showing the Internal IP of the System
▫️ Showing the External IP of the System
https://github.com/lynxbinz/CS-Beacon-Notifier
@BlueRedTeam
#Red_Team
Bypass userland EDR hooks by loading a reflective Ntdll in memory from a remote server, selected by the Windows ReleaseID, to avoid opening a handle to ntdll, and trigger exported APIs from the export table.
https://github.com/TheD1rkMtr/NTDLLReflection
@BlueRedTeam
#Red_Team
Red_Team_Code_Snippets
A disorganized repository of code snippets that I have found useful in getting the hang of new languages in the context of Red Team operations.
Some of this code will be referenced in other products and is retained here for ease of access.
https://github.com/0xTriboulet/Red_Team_Code_Snippets
@BlueRedTeam