Alternatives and similar repositories for Cobalt_Strike_scripts

Users that are interested in Cobalt_Strike_scripts are comparing it to the libraries listed below

• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 2 years ago
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 4 years ago
• jsecu / ElevatedEvents
  ☆30Updated 2 years ago
• crisprss / magicNetdefs
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Updated 3 years ago
• wsummerhill / IPv4Fuscation-Encrypted
  ☆19Updated last year
• jnqpblc / SharpReg
  SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.
  ☆29Updated 5 years ago
• RomanRII / jenkins-strike
  Cobalt Strike profile generator using Jenkins to automate the heavy lifting
  ☆37Updated 2 years ago
• d3lb3 / KeePass-the-Hash
  A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…
  ☆32Updated 2 years ago
• Octoberfest7 / Backstab_BOF
  Beacon Object File implementation of Yaxser's Backstab
  ☆15Updated 3 years ago
• decoder-it / NewMachineAccount
  ☆35Updated 5 months ago
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆86Updated 2 years ago
• LuxNoBulIshit / Smug_Fu3k
  ☆53Updated 3 years ago
• trainr3kt / Readfile_BoF
  ☆21Updated 3 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• improsec / CaddyStager
  ☆38Updated 3 years ago
• snovvcrash / RemoteRegSave
  A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
  ☆40Updated last year
• rkbennett / pyThreadlessInject
  A python port of CCob's ThreadlessInject
  ☆25Updated 2 years ago
• kartikdurg / Enum-LSASS
  LSASS enumeration like pypykatz written in C-Lang
  ☆20Updated 3 years ago
• aniqfakhrul / certifried.py
  ☆16Updated 3 years ago
• ceramicskate0 / SharpLeftOvers
  A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
  ☆38Updated last year
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• t3hbb / citrixphishlet
  Citrix Phishlet
  ☆24Updated 4 years ago
• mr-r3b00t / NotProxyShellHunter
  Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082
  ☆27Updated 2 years ago
• Wh04m1001 / PICDumper
  ☆25Updated 3 years ago
• xx0hcd / Alt-Beacon-Payload
  Beacon payload using AV bypass method from https://github.com/fullmetalcache/CsharpMMNiceness and shellcode generated from https://github…
  ☆20Updated 4 years ago
• ceramicskate0 / BOF-Builder
  C# .Net 5.0 project to build BOF (Beacon Object Files) in mass
  ☆28Updated 2 years ago
• Henkru / cs-get-last-error
  An aggressor script for Cobalt Strike to query Windows' GetLastError messages
  ☆18Updated 2 years ago
• LazyTitan33 / DomainPasswordSpray
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…
  ☆13Updated 3 weeks ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆56Updated 3 years ago