cobaltstrike – Telegram
cobaltstrike
@c0baltstrike
2.24K subscribers
28 photos
1 video
18 files
569 links
All about Cobalt Strike. New versions, articles and more.
Download Telegram
About
Blog
Apps
Platform
Join
cobaltstrike
2.24K subscribers
cobaltstrike
cobaltstrike-cracked.rar
17.9 MB
1.92K views
cobaltstrike
https://www.mdsec.co.uk/2017/02/domain-fronting-via-cloudfront-alternate-domains/
744 views
cobaltstrike
https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/
Cobalt Strike
Blog - Cobalt Strike
The Cobalt Strike Blog. Read new featured content, get updates on the latest patches, and insights into the future of red teaming tools.
775 views
cobaltstrike
https://www.fireeye.com/blog/threat-research/2017/03/apt29_domain_frontin.html
Google Cloud
Cloud Security Resources
Safeguard your cybersecurity with Google Cloud's security resources. Reduce risk and boost your organization's threat detection and response abilities.
687 views
cobaltstrike
https://github.com/ryanohoro/csbruter
GitHub
GitHub - ryanohoro/csbruter: Cobalt Strike team server password brute force tool
Cobalt Strike team server password brute force tool - ryanohoro/csbruter
621 views
cobaltstrike
https://posts.specterops.io/https-payload-and-c2-redirectors-ff8eb6f87742
Medium
HTTPS Payload and C2 Redirectors
I’ve written rather extensively about the use of redirectors and how they can strengthen your red team assessments. Since my first post on…
637 views
cobaltstrike
Remote kernel debugging "lateral movement" via WMI. An example of one of the many use cases for new #PowerShell BCD module (still in very early stages).
https://github.com/mattifestation/BCD
669 views
cobaltstrike
https://medium.com/@001SPARTaN/cobalt-strike-visualizations-e6a6e841e16b
Medium
Cobalt Strike Visualizations
NOTE: This post is not entry-level. This will be a deep dive into complex Aggressor noscripting, and undocumented functionality. Fair warning…
640 views
cobaltstrike
https://github.com/peewpw/Invoke-BSOD
GitHub
GitHub - peewpw/Invoke-BSOD: For when you want a computer to be done - without admin!
For when you want a computer to be done - without admin! - peewpw/Invoke-BSOD
584 views
cobaltstrike
https://eyun.baidu.com/s/3dEES1u5
573 views
cobaltstrike
Db_hEGSVMAIPcbb.jpg
260.9 KB
Run a CobaltStrike beacon from a Microsoft Signed Binary vsjitdebugger.exe
812 views
cobaltstrike
DcHt7zhWsAEY_4K.jpg
195 KB
CobaltStrike beacon through pcwrun.exe
831 views
cobaltstrike
https://github.com/bluscreenofjeff/malleable-c2-randomizer
GitHub
GitHub - bluscreenofjeff/Malleable-C2-Randomizer: A noscript to randomize Cobalt Strike Malleable C2 profiles and reduce the chances…
A noscript to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls - bluscreenofjeff/Malleable-C2-Randomizer
668 views
cobaltstrike
https://vincentyiu.co.uk/cobaltsplunk/
Cobalt Strike Splunk Application for CobaltStrike available here https://github.com/vysec/CobaltSplunk. It parses Cobalt Strike logs, and has some predefined dashboards and queries
645 viewsedited  
cobaltstrike
https://zachgrace.com/2018/05/20/Red_Team_Telemetry_Part_1.html
Zachgrace
Red Team Telemetry Part 1 · Zach Grace
The automatic recording of red team activities
655 views
cobaltstrike
if youre CS instances under attack, block public atttackers:
curl -X POST -d "tag=COBALT_STRIKE_SCANNER_HIGH" https://api.greynoise.io/v1/query/tag  | python -m json.tool | grep "ip" | cut -d ":" -f 2 | cut -d '"' -f 2 | sort -u | grep -e '^\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$' | sed -e 's/^/sudo iptables -I INPUT -s /g' | sed -e 's/$/\/32 -j DROP/g'
2.36K views
cobaltstrike
https://labs.nettitude.com/blog/apache-mod_python-for-red-teams/
Nettitude Labs
Apache mod_python for red teams — Nettitude Labs
Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of…
694 views
cobaltstrike
Yet another automatisation tool written on golang
https://github.com/rmikehodges/hideNsneak
GitHub
GitHub - rmikehodges/hideNsneak: a CLI for ephemeral penetration testing
a CLI for ephemeral penetration testing. Contribute to rmikehodges/hideNsneak development by creating an account on GitHub.
663 views
cobaltstrike
https://zachgrace.com/posts/cobalt_strike_redirectors/
Zachgrace
Hybrid Cobalt Strike Redirectors · Zach Grace
Using Cloud Redirectors With An On-Prem Cobalt Strike Teamserver
681 views
cobaltstrike
https://www.blackhillsinfosec.com/google-docs-becomes-google-socks-c2-over-google-drive
Black Hills Information Security
Google Docs becomes Google SOCKS: C2 Over Google Drive - Black Hills Information Security
Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]
707 views
cobaltstrike
ProcessTree.cna - cobaltstrike aggressor noscript to build a process tree. Based off @r3dQu1nn's ProcessColor.cna for better session prepping and OpSec. https://github.com/ars3n11/Aggressor-Scripts
GitHub
GitHub - ars3n11/Aggressor-Scripts: Cobalt Strike aggressor noscripts
Cobalt Strike aggressor noscripts. Contribute to ars3n11/Aggressor-Scripts development by creating an account on GitHub.
730 views