n4ll3ec/AggressorSploit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

n4ll3ec/AggressorSploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/n4ll3ec/AggressorSploit)

Close

n4ll3ec / AggressorSploitView on GitHubMore

• External links
• Readme badge

Collect & Optimize awesome CobaltStrike aggressor scripts, hope to create a All-In-One framework.

☆37Apr 17, 2020Updated 5 years ago

Alternatives and similar repositories for AggressorSploit

Users that are interested in AggressorSploit are comparing it to the libraries listed below

• gurbanli / CobaltStrikeWindowsDefenderBypass

  View on GitHub
  Windows Defender Bypass for Cobalt Strike v4.0 Powershell Payload
  ☆10Aug 29, 2020Updated 5 years ago
• CoolHandSquid / Cobalt-Strike-Aggressor-Script-Collection

  View on GitHub
  Cobalt Strike automation scripts collection
  ☆12Oct 28, 2020Updated 5 years ago
• m57 / cobaltstrike_bofs

  View on GitHub
  My CobaltStrike BOFS
  ☆167Jul 23, 2022Updated 3 years ago
• rsmudge / ZeroLogon-BOF

  View on GitHub
  ☆163Apr 25, 2022Updated 3 years ago
• wahyuhadi / beacon-c2-go

  View on GitHub
  backdoor c2
  ☆40Jan 14, 2020Updated 6 years ago
• vestjoe / cobaltstrike_services

  View on GitHub
  AutoStart teamserver and listeners with services
  ☆75Dec 23, 2021Updated 4 years ago
• WayneJLee / CsharpAmsiBypass

  View on GitHub
  C# loader for msfvenom shellcode with AMSI bypass
  ☆34Jun 13, 2020Updated 5 years ago
• EncodeGroup / AggressiveGadgetToJScript

  View on GitHub
  A Cobalt Strike Aggressor script to generate GadgetToJScript payloads
  ☆101Sep 30, 2020Updated 5 years ago
• Coalfire-Research / Vampire

  View on GitHub
  Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
  ☆79Apr 6, 2021Updated 4 years ago
• rsmudge / CVE-2020-0796-BOF

  View on GitHub
  ☆71Sep 17, 2020Updated 5 years ago
• nick-frischkorn / SuspendEventLogBOF

  View on GitHub
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆29Jun 17, 2022Updated 3 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆282Sep 18, 2021Updated 4 years ago
• boku7 / halosgate-ps

  View on GitHub
  Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes
  ☆108Mar 8, 2023Updated 2 years ago
• invokethreatguy / AggressorCollection

  View on GitHub
  Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors
  ☆153Jan 7, 2019Updated 7 years ago
• izj007 / CrackSleeve

  View on GitHub
  cs4.0 cs 4.1 beacon加解密
  ☆25Mar 29, 2021Updated 4 years ago
• idiotc4t / Schrodinger-s-Cat

  View on GitHub
  Shellcode antivirus evasion framework
  ☆27Jan 16, 2021Updated 5 years ago
• Verizon / redshell

  View on GitHub
  An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Opt…
  ☆220Aug 23, 2022Updated 3 years ago
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆125May 24, 2022Updated 3 years ago
• offsecginger / AES-PowerShellCode

  View on GitHub
  Standalone version of my AES Powershell payload for Cobalt Strike.
  ☆111Dec 27, 2019Updated 6 years ago
• GeorgePatsias / ScareCrow-CobaltStrike

  View on GitHub
  Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)
  ☆464Jul 15, 2022Updated 3 years ago
• vysecurity / WindfarmDynamite-CNA

  View on GitHub
  CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe
  ☆16Jul 6, 2019Updated 6 years ago
• Cobalt-Strike / teamserver-prop

  View on GitHub
  TeamServer.prop is an optional properties file used by the Cobalt Strike teamserver to customize the settings used to validate screenshot…
  ☆68Aug 5, 2025Updated 6 months ago
• guervild / BOFs

  View on GitHub
  Cobalt Strike Beacon Object Files
  ☆167May 2, 2022Updated 3 years ago
• byt3bl33d3r / pyMalleableC2

  View on GitHub
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆284Oct 29, 2024Updated last year
• dtrizna / DotNetInject

  View on GitHub
  Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.
  ☆37Jan 23, 2020Updated 6 years ago
• k8gege / scrun

  View on GitHub
  BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
  ☆179Jul 27, 2019Updated 6 years ago
• EspressoCake / Toggle_Token_Privileges_BOF

  View on GitHub
  Syscall BOF to arbitrarily add/detract process token privilege rights.
  ☆61Jul 10, 2024Updated last year
• phink-team / Cobaltstrike-MS17-010

  View on GitHub
  cobaltstrike ms17-010 module and some other
  ☆419Jun 13, 2019Updated 6 years ago
• cisagov / ansible-role-cobalt-strike

  View on GitHub
  An Ansible role for installing Cobalt Strike.
  ☆80Dec 22, 2025Updated 2 months ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• EspressoCake / Process_Protection_Level_BOF

  View on GitHub
  ☆61Aug 30, 2021Updated 4 years ago
• Gr1mmie / SharpShellCodeObfus

  View on GitHub
  Caeser Cipher your shellcode!
  ☆21Mar 11, 2022Updated 3 years ago
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,097Apr 19, 2023Updated 2 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• xx0hcd / Alt-Beacon-Payload

  View on GitHub
  Beacon payload using AV bypass method from https://github.com/fullmetalcache/CsharpMMNiceness and shellcode generated from https://github…
  ☆20Feb 9, 2021Updated 5 years ago
• 0neAtSec / EfsPotato-1

  View on GitHub
  MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability
  ☆19Jul 27, 2021Updated 4 years ago
• nickvourd / SugarFree

  View on GitHub
  Less sugar (entropy) for your binaries
  ☆34Sep 10, 2025Updated 5 months ago
• rxwx / cs-rdll-ipc-example

  View on GitHub
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆121Jun 24, 2020Updated 5 years ago
• tomcarver16 / BOF-DLL-Inject

  View on GitHub
  Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
  ☆152Sep 3, 2020Updated 5 years ago