Cobalt-Strike / community_kit
Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and scripts have been written and published, but they can be challenging to locate. Community Kit is a central repository of extensions written by the user community to extend the capabilities of Cobalt Strike. The…
☆309Updated this week
Related projects: ⓘ
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,113Updated 10 months ago
- Useful C2 techniques and cheatsheets learned from engagements☆415Updated last month
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,029Updated last year
- Python version of the C# tool for "Shadow Credentials" attacks☆576Updated last month
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆327Updated last year
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆843Updated 3 months ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆792Updated 3 months ago
- Simple & Powerful PowerShell Script Obfuscator☆432Updated last year
- Dump NTDS with golden certificates and UnPAC the hash☆612Updated 5 months ago
- Another Windows Local Privilege Escalation from Service Account to System☆795Updated last year
- Some notes and examples for cobalt strike's functionality☆969Updated 2 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆910Updated last year
- "Golden" certificates☆630Updated last month
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆621Updated 2 months ago
- ☆715Updated 2 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆233Updated 11 months ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆695Updated last year
- The Hunt for Malicious Strings☆1,048Updated 2 years ago
- This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)☆253Updated last month
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,020Updated 5 months ago
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆420Updated 10 months ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆675Updated 11 months ago
- ☆162Updated 4 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆240Updated last year
- PowerShell Script Obfuscator☆484Updated 10 months ago
- Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.☆709Updated 2 months ago
- ☆400Updated 9 months ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆457Updated last year
- ☆469Updated this week
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆430Updated last year