Toolset for researching malware and Cobalt Strike beacons
☆211 · Mar 11, 2025 · Updated 11 months ago
Alternatives and similar repositories for CobaltStrikeForensic
Users that are interested in CobaltStrikeForensic are comparing it to the libraries listed below
- ☆1,132 · Dec 19, 2023 · Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups ☆723 · Dec 26, 2022 · Updated 3 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration ☆922 · Aug 19, 2021 · Updated 4 years ago
- ☆451 · Aug 4, 2021 · Updated 4 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon. ☆141 · Sep 29, 2021 · Updated 4 years ago
- Bypass cobaltstrike beacon config scan ☆84 · May 24, 2021 · Updated 4 years ago
- Code and yara rules to detect and analyze Cobalt Strike ☆272 · May 5, 2021 · Updated 4 years ago
- Cobalt Strike Python API ☆304 · Jan 27, 2022 · Updated 4 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. ☆330 · Jul 7, 2023 · Updated 2 years ago
- Example VBA Macro for MacOS Mojave ☆67 · Oct 31, 2018 · Updated 7 years ago
- Defences against Cobalt Strike ☆1,296 · Jul 14, 2022 · Updated 3 years ago
- Standalone version of my AES Powershell payload for Cobalt Strike. ☆111 · Dec 27, 2019 · Updated 6 years ago
- ☆349 · Mar 19, 2021 · Updated 4 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources ☆1,530 · Jun 30, 2023 · Updated 2 years ago
- sploit ☆67 · Dec 21, 2019 · Updated 6 years ago
- Windows Events Attack Samples ☆2,517 · Jan 24, 2023 · Updated 3 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe) ☆328 · Mar 26, 2019 · Updated 6 years ago
- Cobalt Strike Aggressor extension for Visual Studio Code ☆138 · Jun 20, 2024 · Updated last year
- Volatility plugin that extracts configuration data of known malware ☆495 · Dec 22, 2023 · Updated 2 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python ☆169 · Jan 5, 2021 · Updated 5 years ago
- Run PowerShell command without invoking powershell.exe ☆1,534 · Mar 23, 2023 · Updated 2 years ago
- Some useful scripts for CobaltStrike ☆859 · Dec 17, 2020 · Updated 5 years ago
- Run shellcode from resource ☆259 · Dec 13, 2020 · Updated 5 years ago
- Historical list of {Cobalt Strike,NanoHTTPD} servers ☆120 · Apr 30, 2019 · Updated 6 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well-known or easily guessable passwords. ☆442 · Apr 1, 2022 · Updated 3 years ago
- A C# tool for enumerating remote access policies through group policy. ☆73 · Apr 18, 2019 · Updated 6 years ago
- Evading WinDefender ATP credential-theft ☆255 · Dec 2, 2019 · Updated 6 years ago
- ☆21 · Dec 1, 2019 · Updated 6 years ago
- Process Injection ☆766 · Oct 24, 2021 · Updated 4 years ago
- Searches For Threat Hunting and Security Analytics ☆238 · Mar 26, 2025 · Updated 11 months ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLLs ☆331 · Oct 20, 2019 · Updated 6 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations ☆355 · Dec 1, 2020 · Updated 5 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing… ☆1,729 · Jan 16, 2026 · Updated last month
- Cobalt Strike Beacon configuration extractor and parser. ☆159 · Oct 30, 2025 · Updated 4 months ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage ☆357 · Updated this week
- Invoke-LiveResponse ☆150 · Feb 22, 2022 · Updated 4 years ago
- Evade sysmon and windows event logging ☆625 · Apr 8, 2020 · Updated 5 years ago
- Detect and respond to Cobalt Strike beacons using ETW. ☆516 · Jul 15, 2022 · Updated 3 years ago
- Static based decoders for malware samples ☆94 · Jul 27, 2020 · Updated 5 years ago