Sentinel-One / CobaltStrikeParser
☆1,047Updated last year
Alternatives and similar repositories for CobaltStrikeParser:
Users that are interested in CobaltStrikeParser are comparing it to the libraries listed below
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆904Updated 3 years ago
- Hunts out CobaltStrike beacons and logs operator command output☆914Updated 6 months ago
- C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.☆1,052Updated 9 months ago
- Cobalt Strike Malleable C2 Design and Reference Guide☆1,666Updated last year
- Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.…☆802Updated 2 years ago
- Situational Awareness commands implemented using Beacon Object Files☆1,360Updated this week
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,075Updated 11 months ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,475Updated last year
- ☆447Updated 3 years ago
- ☆1,452Updated last year
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆1,521Updated 3 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆367Updated 3 years ago
- Defences against Cobalt Strike☆1,282Updated 2 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,586Updated 2 years ago
- ☆2,062Updated 2 years ago
- Some notes and examples for cobalt strike's functionality☆1,010Updated 3 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,135Updated 4 years ago
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,072Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,299Updated last year
- Self-developed tools for Lateral Movement/Code Execution☆703Updated 3 years ago
- Scan installed EDRs and AVs on Windows☆579Updated last year
- Detect and respond to Cobalt Strike beacons using ETW.☆487Updated 2 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆956Updated 2 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,520Updated 4 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆264Updated 3 years ago
- The swiss army knife of LSASS dumping☆1,893Updated 6 months ago
- Convert Cobalt Strike profiles to modrewrite scripts☆594Updated 2 years ago
- SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader☆1,251Updated 5 years ago
- Evade sysmon and windows event logging☆619Updated 4 years ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆361Updated last year