Homemade Aggressor scripts kit for Cobalt Strike
☆95Nov 25, 2025Updated 3 months ago
Alternatives and similar repositories for CS-Aggressor-Kit
Users that are interested in CS-Aggressor-Kit are comparing it to the libraries listed below
Sorting:
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Cobalt Strike random C2 Profile generator☆16Feb 23, 2026Updated last week
- Your Skyfall Infrastructure Pack☆89Jan 25, 2026Updated last month
- ☆26Nov 25, 2025Updated 3 months ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆57Jan 14, 2026Updated last month
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- Tool developed using csharp (.net 4.5) for compressing and encrypting files to shorten transfer times. Supports multi-file compression an…☆14Feb 15, 2024Updated 2 years ago
- Execute shellcode via Bluetooth device authentication☆40Feb 19, 2025Updated last year
- Most Responder's configuration power in your hand.☆54Jan 19, 2025Updated last year
- Custom mini tools during Red Teaming engagements☆23Jan 20, 2026Updated last month
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- Utilizng an MCP Server to communicate with your C2☆86May 15, 2025Updated 9 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Oct 4, 2024Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- List web account manager (WAM) accounts added to the current profile☆22Dec 11, 2025Updated 2 months ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Less sugar (entropy) for your binaries☆33Sep 10, 2025Updated 5 months ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 10 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆403Sep 26, 2024Updated last year
- ☆21Jan 8, 2026Updated last month
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 10 months ago
- ☆33Jan 23, 2025Updated last year
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆185Oct 29, 2025Updated 4 months ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆61Aug 18, 2025Updated 6 months ago
- ☆48Oct 14, 2025Updated 4 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆622Jun 25, 2024Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆80Mar 30, 2023Updated 2 years ago