NEW BOT Телеграм, страница

cobaltstrike

Remote kernel debugging "lateral movement" via WMI. An example of one of the many use cases for new #PowerShell BCD module (still in very early stages).
https://github.com/mattifestation/BCD

669 views20:59

cobaltstrike

https://medium.com/@001SPARTaN/cobalt-strike-visualizations-e6a6e841e16b

Medium

Cobalt Strike Visualizations

NOTE: This post is not entry-level. This will be a deep dive into complex Aggressor noscripting, and undocumented functionality. Fair warning…

640 views12:11

cobaltstrike

https://github.com/peewpw/Invoke-BSOD

GitHub

GitHub - peewpw/Invoke-BSOD: For when you want a computer to be done - without admin!

For when you want a computer to be done - without admin! - peewpw/Invoke-BSOD

584 views12:42

cobaltstrike

https://eyun.baidu.com/s/3dEES1u5

573 views12:42

cobaltstrike

Db_hEGSVMAIPcbb.jpg

260.9 KB

Run a CobaltStrike beacon from a Microsoft Signed Binary vsjitdebugger.exe

812 views12:46

cobaltstrike

DcHt7zhWsAEY_4K.jpg

195 KB

CobaltStrike beacon through pcwrun.exe

831 views12:47

cobaltstrike

https://github.com/bluscreenofjeff/malleable-c2-randomizer

GitHub

GitHub - bluscreenofjeff/Malleable-C2-Randomizer: A noscript to randomize Cobalt Strike Malleable C2 profiles and reduce the chances…

A noscript to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls - bluscreenofjeff/Malleable-C2-Randomizer

668 views14:24

cobaltstrike

https://vincentyiu.co.uk/cobaltsplunk/
Cobalt Strike Splunk Application for CobaltStrike available here https://github.com/vysec/CobaltSplunk. It parses Cobalt Strike logs, and has some predefined dashboards and queries

645 viewsedited 21:02

cobaltstrike

https://zachgrace.com/2018/05/20/Red_Team_Telemetry_Part_1.html

Zachgrace

Red Team Telemetry Part 1 · Zach Grace

The automatic recording of red team activities

655 views08:17

cobaltstrike

if youre CS instances under attack, block public atttackers:

curl -X POST -d "tag=COBALT_STRIKE_SCANNER_HIGH" https://api.greynoise.io/v1/query/tag  | python -m json.tool | grep "ip" | cut -d ":" -f 2 | cut -d '"' -f 2 | sort -u | grep -e '^\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$' | sed -e 's/^/sudo iptables -I INPUT -s /g' | sed -e 's/$/\/32 -j DROP/g'

2.36K views20:04

cobaltstrike

https://labs.nettitude.com/blog/apache-mod_python-for-red-teams/

Nettitude Labs

Apache mod_python for red teams — Nettitude Labs

Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of…

694 views21:10

cobaltstrike

Yet another automatisation tool written on golang
https://github.com/rmikehodges/hideNsneak

GitHub

GitHub - rmikehodges/hideNsneak: a CLI for ephemeral penetration testing

a CLI for ephemeral penetration testing. Contribute to rmikehodges/hideNsneak development by creating an account on GitHub.

663 views09:05

cobaltstrike

https://zachgrace.com/posts/cobalt_strike_redirectors/

Zachgrace

Hybrid Cobalt Strike Redirectors · Zach Grace

Using Cloud Redirectors With An On-Prem Cobalt Strike Teamserver

681 views14:45

cobaltstrike

https://www.blackhillsinfosec.com/google-docs-becomes-google-socks-c2-over-google-drive

Black Hills Information Security

Google Docs becomes Google SOCKS: C2 Over Google Drive - Black Hills Information Security

Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]

707 views15:15

cobaltstrike

ProcessTree.cna - cobaltstrike aggressor noscript to build a process tree. Based off @r3dQu1nn's ProcessColor.cna for better session prepping and OpSec. https://github.com/ars3n11/Aggressor-Scripts

GitHub

GitHub - ars3n11/Aggressor-Scripts: Cobalt Strike aggressor noscripts

Cobalt Strike aggressor noscripts. Contribute to ars3n11/Aggressor-Scripts development by creating an account on GitHub.

730 views06:48

cobaltstrike

https://labs.mwrinfosecurity.com/blog/experimenting-bypassing-memory-scanners-with-cobalt-strike-and-gargoyle/

738 views09:17

cobaltstrike

https://github.com/JPCERTCC/aa-tools/blob/master/cobaltstrikescan.py
Volatility plugin for cobaltstrike beacon forensic

http://www.jpcert.or.jp/magazine/acreport-cobaltstrike.html

GitHub

aa-tools/cobaltstrikescan.py at master · JPCERTCC/aa-tools

Artifact analysis tools by JPCERT/CC Analysis Center - aa-tools/cobaltstrikescan.py at master · JPCERTCC/aa-tools

803 views09:36

cobaltstrike

https://www.noscript01.net/2018/08/22/一起來看看cobaltstrike和armitage聯動能達到什麼效果/

708 views08:49

cobaltstrike

Little exfil C# tool for compressing, encrypting, and uploading data to Dropbox. Works great using "execute-assembly" in Cobalt Strike.

https://github.com/P1CKLES/SharpBox

GitHub

GitHub - P1CKLES/SharpBox: SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox…

SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API. - GitHub - P1CKLES/SharpBox: SharpBox is a C# tool for compressing, encrypting, and exfil...

635 views14:52

cobaltstrike

https://bluescreenofjeff.com/2017-01-24-how-to-write-malleable-c2-profiles-for-cobalt-strike/

bluescreenofjeff.com - a blog about penetration testing and red teaming

How to Write Malleable C2 Profiles for Cobalt Strike

It’s not fun to get caught on an assessment because your target has your toolset signatured. It’s even less fun if that signature is easily bypassed. Cobalt Strike’s Malleable C2 is a method of avoiding that problem when it comes to command and control (C2)…

613 views21:23

cobaltstrike

https://posts.specterops.io/a-deep-dive-into-cobalt-strike-malleable-c2-6660e33b0e0b