Te-k / cobaltstrike
Code and yara rules to detect and analyze Cobalt Strike
☆265Updated 3 years ago
Alternatives and similar repositories for cobaltstrike:
Users that are interested in cobaltstrike are comparing it to the libraries listed below
- ☆448Updated 3 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆366Updated 3 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆906Updated 3 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- Digital forensic acquisition tool for Windows based incident response.☆338Updated 11 months ago
- Detect and respond to Cobalt Strike beacons using ETW.☆489Updated 2 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆152Updated 3 years ago
- ☆130Updated last year
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆323Updated last year
- ☆1,050Updated last year
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆165Updated 3 weeks ago
- Hunts out CobaltStrike beacons and logs operator command output☆918Updated 7 months ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆139Updated 2 years ago
- Automatically created C2 Feeds☆600Updated this week
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 3 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆168Updated 4 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆341Updated 4 years ago
- c2 traffic☆188Updated 2 years ago
- Active C2 IoCs☆98Updated 2 years ago
- ☆543Updated last year
- IOC from articles, tweets for archives☆313Updated last year
- Scripts for performing and detecting parent PID spoofing☆145Updated 4 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆255Updated last year
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆201Updated 3 years ago
- Signature engine for all your logs☆167Updated last year
- Toolset for research malware and Cobalt Strike beacons☆211Updated last month
- Live forensic artifacts collector☆166Updated 9 months ago
- Beta versions of my software☆249Updated last year
- Run shellcode from resource☆257Updated 4 years ago
- A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls☆443Updated 2 years ago