TeamServer.prop is an optional properties file used by the Cobalt Strike teamserver to customize the settings used to validate screenshot and keylog callback data, which allows you to tweak the fix for the “HotCobalt” vulnerability. This repository contains an example file that contains the default settings.
☆68Aug 5, 2025Updated 7 months ago
Alternatives and similar repositories for teamserver-prop
Users that are interested in teamserver-prop are comparing it to the libraries listed below
Sorting:
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- Cobalt Strike Get clipboard plugin☆15Aug 11, 2023Updated 2 years ago
- This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withou…☆187Aug 3, 2025Updated 7 months ago
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆242Jan 4, 2023Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- AutoStart teamserver and listeners with services☆75Dec 23, 2021Updated 4 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆193Sep 9, 2021Updated 4 years ago
- Bypass cobaltstrike beacon config scan☆84May 24, 2021Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 2 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- POC for Cobalt Strike external C2☆141Sep 6, 2021Updated 4 years ago
- Cobalt Strike Shellcode Generator☆669Jan 8, 2025Updated last year
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 8 months ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆27Sep 29, 2021Updated 4 years ago
- A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.☆166Sep 10, 2021Updated 4 years ago
- ☆94May 14, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- UDRL for CS☆443Dec 3, 2023Updated 2 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- Beacon Object Files for roasting Active Directory☆235Feb 21, 2022Updated 4 years ago
- A beacon generator using Cobalt Strike and a variety of tools.☆448Aug 10, 2021Updated 4 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- ☆180Feb 3, 2021Updated 5 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆250Mar 31, 2021Updated 4 years ago
- Convert Cobalt Strike profiles to IIS web.config files☆114Aug 23, 2021Updated 4 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- proxyshell payload generate☆75Aug 14, 2021Updated 4 years ago