Alternatives and similar repositories for Awesome-CobaltStrike-Defence

Users that are interested in Awesome-CobaltStrike-Defence are comparing it to the libraries listed below

• Apr4h / CobaltStrikeScan

  View on GitHub
  Scan files or process memory for CobaltStrike beacons and parse their configuration
  ☆923Aug 19, 2021Updated 4 years ago
• Sentinel-One / CobaltStrikeParser

  View on GitHub
  ☆1,129Dec 19, 2023Updated 2 years ago
• CCob / BeaconEye

  View on GitHub
  Hunts out CobaltStrike beacons and logs operator command output
  ☆951Sep 4, 2024Updated last year
• whickey-r7 / grab_beacon_config

  View on GitHub
  ☆451Aug 4, 2021Updated 4 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• 3lp4tr0n / BeaconHunter

  View on GitHub
  Detect and respond to Cobalt Strike beacons using ETW.
  ☆520Jul 15, 2022Updated 3 years ago
• zer0yu / Awesome-CobaltStrike

  View on GitHub
  List of Awesome CobaltStrike Resources
  ☆4,384Sep 20, 2023Updated 2 years ago
• Te-k / cobaltstrike

  View on GitHub
  Code and yara rules to detect and analyze Cobalt Strike
  ☆273May 5, 2021Updated 4 years ago
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,867Aug 18, 2023Updated 2 years ago
• Mr-Un1k0d3r / EDRs

  View on GitHub
  ☆2,169Feb 21, 2023Updated 2 years ago
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆992Oct 7, 2022Updated 3 years ago
• ahmedkhlief / APT-Hunter

  View on GitHub
  APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
  ☆1,400Nov 7, 2024Updated last year
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,098Apr 19, 2023Updated 2 years ago
• blackorbird / APT_REPORT

  View on GitHub
  Interesting APT Report Collection And Some Special IOCs
  ☆2,889Updated this week
• threatexpress / malleable-c2

  View on GitHub
  Cobalt Strike Malleable C2 Design and Reference Guide
  ☆1,749Dec 13, 2023Updated 2 years ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• bats3c / shad0w

  View on GitHub
  A post exploitation framework designed to operate covertly on heavily monitored environments
  ☆2,169Sep 29, 2021Updated 4 years ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• RedSiege / C2concealer

  View on GitHub
  C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
  ☆1,097Jun 25, 2024Updated last year
• ReversecLabs / C3

  View on GitHub
  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…
  ☆1,722Jan 16, 2026Updated last month
• byt3bl33d3r / pyMalleableC2

  View on GitHub
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆281Oct 29, 2024Updated last year
• jthuraisamy / SysWhispers2

  View on GitHub
  AV/EDR evasion via direct system calls.
  ☆1,789Sep 3, 2022Updated 3 years ago
• 0xrawsec / whids

  View on GitHub
  Open Source EDR for Windows
  ☆1,296Feb 25, 2023Updated 2 years ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,399Nov 22, 2023Updated 2 years ago
• S1ckB0y1337 / Cobalt-Strike-CheatSheet

  View on GitHub
  Some notes and examples for cobalt strike's functionality
  ☆1,124Feb 8, 2022Updated 4 years ago
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,164Mar 31, 2021Updated 4 years ago
• RCStep / CSSG

  View on GitHub
  Cobalt Strike Shellcode Generator
  ☆669Jan 8, 2025Updated last year
• ethereal-vx / Antivirus-Artifacts

  View on GitHub
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆753Nov 16, 2021Updated 4 years ago
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• ScarredMonk / SysmonSimulator

  View on GitHub
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆859Jan 20, 2022Updated 4 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,262Jan 21, 2026Updated 3 weeks ago
• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  View on GitHub
  Wiki to collect Red Team infrastructure hardening resources
  ☆4,442Oct 1, 2025Updated 4 months ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,968Aug 21, 2024Updated last year
• cobbr / Covenant

  View on GitHub
  Covenant is a collaborative .NET C2 framework for red teamers.
  ☆4,606Jul 18, 2024Updated last year
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,900Jul 6, 2024Updated last year
• mandiant / red_team_tool_countermeasures

  View on GitHub
  ☆2,663Mar 5, 2024Updated last year
• gloxec / CrossC2

  View on GitHub
  generate CobaltStrike's cross-platform payload
  ☆2,540Nov 20, 2023Updated 2 years ago
• S3cur3Th1sSh1t / WinPwn

  View on GitHub
  Automation for internal Windows Penetrationtest / AD-Security
  ☆3,641Aug 28, 2025Updated 5 months ago