NEW BOT Телеграм, страница

655 views08:17

if youre CS instances under attack, block public atttackers:

curl -X POST -d "tag=COBALT_STRIKE_SCANNER_HIGH" https://api.greynoise.io/v1/query/tag  | python -m json.tool | grep "ip" | cut -d ":" -f 2 | cut -d '"' -f 2 | sort -u | grep -e '^\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$' | sed -e 's/^/sudo iptables -I INPUT -s /g' | sed -e 's/$/\/32 -j DROP/g'

2.36K views20:04

cobaltstrike

https://labs.nettitude.com/blog/apache-mod_python-for-red-teams/

Nettitude Labs

Apache mod_python for red teams — Nettitude Labs

Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of…

694 views21:10

cobaltstrike

Yet another automatisation tool written on golang
https://github.com/rmikehodges/hideNsneak

GitHub

GitHub - rmikehodges/hideNsneak: a CLI for ephemeral penetration testing

a CLI for ephemeral penetration testing. Contribute to rmikehodges/hideNsneak development by creating an account on GitHub.

663 views09:05

cobaltstrike

https://zachgrace.com/posts/cobalt_strike_redirectors/

Zachgrace

Hybrid Cobalt Strike Redirectors · Zach Grace

Using Cloud Redirectors With An On-Prem Cobalt Strike Teamserver

681 views14:45

cobaltstrike

https://www.blackhillsinfosec.com/google-docs-becomes-google-socks-c2-over-google-drive

Black Hills Information Security

Google Docs becomes Google SOCKS: C2 Over Google Drive - Black Hills Information Security

Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]

707 views15:15

cobaltstrike

ProcessTree.cna - cobaltstrike aggressor noscript to build a process tree. Based off @r3dQu1nn's ProcessColor.cna for better session prepping and OpSec. https://github.com/ars3n11/Aggressor-Scripts

GitHub

GitHub - ars3n11/Aggressor-Scripts: Cobalt Strike aggressor noscripts

Cobalt Strike aggressor noscripts. Contribute to ars3n11/Aggressor-Scripts development by creating an account on GitHub.

730 views06:48

cobaltstrike

https://labs.mwrinfosecurity.com/blog/experimenting-bypassing-memory-scanners-with-cobalt-strike-and-gargoyle/

738 views09:17

cobaltstrike

https://github.com/JPCERTCC/aa-tools/blob/master/cobaltstrikescan.py
Volatility plugin for cobaltstrike beacon forensic

http://www.jpcert.or.jp/magazine/acreport-cobaltstrike.html

GitHub

aa-tools/cobaltstrikescan.py at master · JPCERTCC/aa-tools

Artifact analysis tools by JPCERT/CC Analysis Center - aa-tools/cobaltstrikescan.py at master · JPCERTCC/aa-tools

803 views09:36

cobaltstrike

https://www.noscript01.net/2018/08/22/一起來看看cobaltstrike和armitage聯動能達到什麼效果/

708 views08:49

cobaltstrike

Little exfil C# tool for compressing, encrypting, and uploading data to Dropbox. Works great using "execute-assembly" in Cobalt Strike.

https://github.com/P1CKLES/SharpBox

GitHub

GitHub - P1CKLES/SharpBox: SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox…

SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API. - GitHub - P1CKLES/SharpBox: SharpBox is a C# tool for compressing, encrypting, and exfil...

635 views14:52

cobaltstrike

https://bluescreenofjeff.com/2017-01-24-how-to-write-malleable-c2-profiles-for-cobalt-strike/

bluescreenofjeff.com - a blog about penetration testing and red teaming

How to Write Malleable C2 Profiles for Cobalt Strike

It’s not fun to get caught on an assessment because your target has your toolset signatured. It’s even less fun if that signature is easily bypassed. Cobalt Strike’s Malleable C2 is a method of avoiding that problem when it comes to command and control (C2)…

613 views21:23

cobaltstrike

https://posts.specterops.io/a-deep-dive-into-cobalt-strike-malleable-c2-6660e33b0e0b

Medium

A Deep Dive into Cobalt Strike Malleable C2

One of Cobalt Strike’s most valuable features is its ability to modify the behavior of the Beacon payload. By changing various defaults…

617 views06:34

cobaltstrike

https://www.youtube.com/watch?v=XWV60J8m3S4
https://github.com/SleepZ3R0/CobaltStrike-Logging

YouTube

Cobalt Strike Survey Script to .CSV mrbs.py

https://github.com/SleepZ3R0/CobaltStrike-Logging

606 views20:20

cobaltstrike

https://github.com/threatexpress/aggressor-noscripts/tree/master/beacon_webview

GitHub

aggressor-noscripts/beacon_webview at master · threatexpress/aggressor-noscripts

Cobalt Strike Aggressor Scripts. Contribute to threatexpress/aggressor-noscripts development by creating an account on GitHub.

645 views05:54

cobaltstrike

Reference Malleable C2 profile was just updated to take advantage of the latest #CobaltStrike 3.12 additions.
https://github.com/threatexpress/malleable-c2

GitHub

GitHub - threatexpress/malleable-c2: Cobalt Strike Malleable C2 Design and Reference Guide

Cobalt Strike Malleable C2 Design and Reference Guide - threatexpress/malleable-c2

660 views12:39

cobaltstrike

smbexec_psh.cna

1.4 KB

Had some problems with Cobalt Strike's psexec & mimikatz functions today, so was able to cobble together a solution to achieve psexec from one domain to another with Invoke-SMBExec.ps1

886 viewsedited 12:56

cobaltstrike

https://github.com/ztgrace/red_team_telemetry

GitHub

GitHub - ztgrace/red_team_telemetry

Contribute to ztgrace/red_team_telemetry development by creating an account on GitHub.

676 views05:46

cobaltstrike

https://github.com/jamesbcook/terraform

GitHub

GitHub - jamesbcook/terraform

Contribute to jamesbcook/terraform development by creating an account on GitHub.