A collection of Cobalt Strike Aggressor scripts.
☆109Jan 3, 2022Updated 4 years ago
Alternatives and similar repositories for cobaltstrike-aggressor-scripts
Users that are interested in cobaltstrike-aggressor-scripts are comparing it to the libraries listed below
Sorting:
- ☆109Feb 17, 2025Updated last year
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- LSTAR - CobaltStrike Translated to EN☆22Jun 15, 2023Updated 2 years ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆323May 17, 2024Updated last year
- Bake shellcode to get malicious.exe☆27Jul 25, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Sep 8, 2022Updated 3 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- Automated Active Directory lab running on Proxmox☆88Aug 8, 2025Updated 6 months ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆211Mar 18, 2024Updated last year
- Heavily obfuscated ASP web shell generation tool.☆174Apr 26, 2024Updated last year
- Certified Red Team Operator (CRTO) Cheatsheet and Checklist☆212Mar 16, 2024Updated last year
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports.☆24Jan 15, 2026Updated last month
- ☆84May 19, 2024Updated last year
- ☆46Jun 21, 2023Updated 2 years ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated last year
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆102Jan 7, 2022Updated 4 years ago
- ☆29May 10, 2024Updated last year
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆514Aug 7, 2024Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆90Nov 5, 2021Updated 4 years ago
- Some notes and examples for cobalt strike's functionality☆1,127Feb 8, 2022Updated 4 years ago
- A POC to disable TamperProtection and other Defender / MDE components☆254Jun 6, 2024Updated last year
- Generate Shellcode Loaders & Injects☆159May 15, 2023Updated 2 years ago
- Beacon Object Files.☆36Feb 26, 2024Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆89Jan 2, 2026Updated 2 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- exfiltration/infiltration toolkit☆23Dec 20, 2023Updated 2 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆204Dec 27, 2023Updated 2 years ago
- TCP Port Redirection Utility☆762Jan 31, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆214Oct 9, 2022Updated 3 years ago
- Reflective DLL Injection Made Bella☆250Jan 6, 2025Updated last year
- Monarch - The Adversary Emulation Toolkit☆64Jan 7, 2025Updated last year
- Backend development stack for agents☆29Jul 30, 2025Updated 7 months ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago