Te-k / cobaltstrike
Code and yara rules to detect and analyze Cobalt Strike
☆264Updated 3 years ago
Alternatives and similar repositories for cobaltstrike:
Users that are interested in cobaltstrike are comparing it to the libraries listed below
- ☆447Updated 3 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆151Updated 3 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆367Updated 3 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- ☆130Updated last year
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆904Updated 3 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆487Updated 2 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆168Updated 4 years ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆322Updated last year
- IOC from articles, tweets for archives☆313Updated last year
- Hunts out CobaltStrike beacons and logs operator command output☆914Updated 6 months ago
- ☆1,047Updated last year
- Active C2 IoCs☆97Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆163Updated 5 months ago
- Digital forensic acquisition tool for Windows based incident response.☆338Updated 10 months ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆124Updated 3 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆253Updated last year
- c2 traffic☆188Updated 2 years ago
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.☆164Updated 2 months ago
- Signature engine for all your logs☆166Updated last year
- ☆539Updated last year
- Beta versions of my software☆249Updated last year
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆201Updated 2 years ago
- Setup scripts for my Malware Analysis VMs☆252Updated 3 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆139Updated last year
- PCAP Samples for Different Post Exploitation Techniques☆356Updated 3 years ago
- Sigma rules from Joe Security☆207Updated 4 months ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆340Updated 4 years ago
- Scripts for performing and detecting parent PID spoofing☆144Updated 4 years ago
- Automatically created C2 Feeds☆591Updated this week