Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of…

a CLI for ephemeral penetration testing. Contribute to rmikehodges/hideNsneak development by creating an account on GitHub.

Using Cloud Redirectors With An On-Prem Cobalt Strike Teamserver

Luke Baggett // If you’re monitoring a network with internet access, it’s almost inevitable that you’re going to see a lot of traffic to and from Google servers. Blending in […]

Cobalt Strike aggressor noscripts. Contribute to ars3n11/Aggressor-Scripts development by creating an account on GitHub.

Artifact analysis tools by JPCERT/CC Analysis Center - aa-tools/cobaltstrikescan.py at master · JPCERTCC/aa-tools

SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API. - GitHub - P1CKLES/SharpBox: SharpBox is a C# tool for compressing, encrypting, and exfil...

It’s not fun to get caught on an assessment because your target has your toolset signatured. It’s even less fun if that signature is easily bypassed. Cobalt Strike’s Malleable C2 is a method of avoiding that problem when it comes to command and control (C2)…

One of Cobalt Strike’s most valuable features is its ability to modify the behavior of the Beacon payload. By changing various defaults…

https://github.com/SleepZ3R0/CobaltStrike-Logging

Cobalt Strike Aggressor Scripts. Contribute to threatexpress/aggressor-noscripts development by creating an account on GitHub.

Cobalt Strike Malleable C2 Design and Reference Guide - threatexpress/malleable-c2

Contribute to ztgrace/red_team_telemetry development by creating an account on GitHub.

Contribute to jamesbcook/terraform development by creating an account on GitHub.

Cobalt Strike Situational Awareness Commands. GitHub Gist: instantly share code, notes, and snippets.

DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH). - SpiderLabs/DoHC2

I (@ChrisTruncer) had the opportunity to speak at Wild West Hackin Fest last week along with Harley LeBeau (@r3dQu1nn) on a topic we called “Aggressive Autonomous Actions – Operating with Automation”. This was a talk that we have been working on for a few…