BypassAV |
BypassAV |
Used to quickly generate executables that evade antivirus detection |
BypassAV |
scrun |
BypassAV ShellCode Loader (Cobaltstrike/Metasploit) Usage |
BypassAV |
beacon-c2-go |
beacon-c2-go (Cobaltstrike/Metasploit) |
BypassAV |
C--Shellcode |
Python ShellCode Loader (Cobaltstrike & Metasploit) Usage |
Recon |
red-team-scripts |
perform some rudimentary Windows host enumeration with Beacon built-in commands |
Recon |
aggressor-powerview |
All functions listed in the PowerView about page are included in this with all arguments for each function. PowerView |
Recon |
PowerView3-Aggressor |
PowerView Aggressor Script for CobaltStrike PowerView |
Recon |
AggressorScripts |
Sharphound-Aggressor- A user menu for the SharpHound ingestor |
Recon |
ServerScan |
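High-concurrency network scanning and service detection tool for information gathering during lateral movement on internal networks. |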
Exploit |
XSS-Fishing2-CS |
Automatically reels in the line once the fish comes online in CS / Automatically stop fishing in JavaScript after the fish is hooked |
Exploit |
XSS-Phishing |
XSS phishing; a CNA plugin works with a PHP backend to reel in the catch |
Exploit |
custom_payload_generator |
CobaltStrike3.0+ --> creates various payloads for Cobalt Strike's Beacon. Current payload formats |
Exploit |
CrossC2 |
CrossC2 framework - generator for CobaltStrike's cross-platform beacon |
Exploit |
GECC |
Go External C2 Client implementation for cobalt strike. |
Exploit |
Cobaltstrike-MS17-010 |
ms17-010 exploit tool and scanner. |
Exploit |
AES-PowerShellCode |
Standalone version of my AES Powershell payload for Cobalt Strike. |
Exploit |
SweetPotato_CS |
CobaltStrike4.x --> SweetPotato |
Exploit |
ElevateKit |
privilege escalation exploits |
Exploit |
CVE-2018-4878 |
CVE-2018-4878 |
Exploit |
Aggressor-Scripts |
The only current public script is UACBypass, whose readme can be found inside its associated folder. |
Exploit |
CVE_2020_0796_CNA |
Local privilege escalation exploit implemented with ReflectiveDLLInjection |
Exploit |
DDEAutoCS |
setup our stage(d) Web Delivery attack |
Exploit |
geacon |
Implement CobaltStrike's Beacon in Go (can be used in Linux) |
Persistence |
persistence-aggressor-script |
persistence-aggressor-script |
Persistence |
Peinject_dll |
Drops the WinExec function in favor of ShellExecute; program flow no longer stalls, so the injection goes truly unnoticed. |
Persistence |
TikiTorch |
TikiTorch follows the same concept (CACTUSTORCH) but has multiple types of process injection available, which can be specified by the user at compile time. |
Persistence |
CACTUSTORCH |
A JavaScript and VBScript shellcode launcher. This will spawn a 32 bit version of the binary specified and inject shellcode into it. |
Persistence |
UploadAndRunFrp |
Uploads frpc and runs it |
Persistence |
persistence-aggressor-script |
Persistence Aggressor Script |
Auxiliary |
Cobaltstrike-atexec |
Uses scheduled tasks for lateral movement; requires communication with ports 135 and 445 |
Auxiliary |
SharpCompile |
SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. |
Auxiliary |
Quickrundown |
Utilizing QRD will allow an operator to quickly characterize what processes are both known and unknown on a host through the use of colors and notes about the processes displayed. |
Auxiliary |
Phant0m_cobaltstrike |
This script walks the thread stacks of the Event Log Service process (a specific svchost.exe) and identifies the Event Log threads in order to kill them. As a result, the system will not be able to collect logs, while the Event Log Service will still appear to be running. |
Auxiliary |
NoPowerShell |
NoPowerShell is a tool implemented in C# which supports executing PowerShell-like commands while remaining invisible to any PowerShell logging mechanisms. |
Auxiliary |
EventLogMaster |
RDP EventLog Master |
Auxiliary |
ANGRYPUPPY |
Bloodhound Attack Path Execution for Cobalt Strike |
Auxiliary |
CobaltStrike_Script_Wechat_Push |
Plugin that sends a WeChat notification when a beacon comes online, using the WeChat ServerChan (Server酱) service |
Auxiliary |
CS-Aggressor-Scripts |
slack and webhooks reminder |
Auxiliary |
Aggressor-Scripts |
Surveying of PowerShell on targets (detects PowerShell-related information on the corresponding targets) |
Auxiliary |
cs-magik |
Implements an events channel and job queue using Redis for Cobalt Strike. |
Auxiliary |
AggressorScripts |
Marks AV processes in red when viewing the process list |
Auxiliary |
Raven |
CobaltStrike External C2 for Websockets |
Auxiliary |
CobaltStrikeParser |
Python parser for CobaltStrike Beacon's configuration |
Auxiliary |
fakelogonscreen |
FakeLogonScreen is a utility to fake the Windows logon screen in order to obtain the user's password. |
Auxiliary |
SyncDog |
Make bloodhound sync with cobaltstrike. |
Synthesis |
Erebus |
CobaltStrike4.x --> Erebus, a CobaltStrike post-exploitation testing plugin |
Synthesis |
Cobalt-Strike-Aggressor-Scripts |
Collection of CobaltStrike post-exploitation testing plugins. Usage |
Synthesis |
AggressorScripts |
Aggressor scripts for use with Cobalt Strike 3.0+ |
Synthesis |
RedTeamTools |
RedTeamTools for use with Cobalt Strike |
Synthesis |
cobalt-arsenal |
Aggressor Scripts for Cobalt Strike 4.0+ |
Synthesis |
MoveKit |
The aggressor script handles payload creation by reading the template files for a specific execution type. intro |
Synthesis |
StayKit |
The aggressor script handles payload creation by reading the template files for a specific execution type. intro |
Synthesis |
AggressorScripts |
AggressorScripts |
Synthesis |
AggressorScripts |
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources |
Synthesis |
Aggressor-VYSEC |
Contains a bunch of CobaltStrike Aggressor Scripts |
Synthesis |
AggressorAssessor |
AggressorAssessor |
Synthesis |
aggressor-scripts |
Collection of Cobalt Strike Aggressor Scripts |
![](https://camo.githubusercontent.com/b97563be653fa2ce40b94c6a744e2309c2558d180fdb6ce47e70bcec9a25e677/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f746872656174657870726573732f616767726573736f722d73637269707473) |
![](https://camo.githubusercontent.com/5cd7815728230cd84c8b28bf21c8e2876d489f91cfef2cf89dc1c275ed54e197/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f746872656174657870726573732f616767726573736f722d73637269707473) |
Synthesis |
Aggressor-scripts |
This is just a random collection of Aggressor Scripts I've written for Cobalt Strike 3.x. (One of them, a debug script, is quite handy.) |
![](https://camo.githubusercontent.com/369da198bc9b489d40c6b38c90981365e3450170b3a26323959502d93b5eff08/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f556e643372663130772f416767726573736f722d73637269707473) |
![](https://camo.githubusercontent.com/0a0d7e196e1ddc8ebb94b85884a4413343e3aa8ac824941ff8e6dd931c331862/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f556e643372663130772f416767726573736f722d73637269707473) |
Synthesis |
Aggressor-Script |
Collection of Aggressor Scripts for Cobalt Strike (mainly privilege escalation and persistence scripts) |
![](https://camo.githubusercontent.com/89043fe34487ad1bf400dfe1cdbc1d21a3aa83d05759a64a722eeec092d27832/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f72617374612d6d6f7573652f416767726573736f722d536372697074) |
![](https://camo.githubusercontent.com/cadc3f94e0c0654494e0fb340eedf219ef08afda7329e2d6fe694fe78df43ea7/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f72617374612d6d6f7573652f416767726573736f722d536372697074) |
Synthesis |
Aggressor-Script |
Aggressor Script, Kit, Malleable C2 Profiles, External C2 and so on |
![](https://camo.githubusercontent.com/0b2a96a582b02f76df55bdaf64bc5c1a64da9c1be6e10fce2e8ed9a78bef2f01/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f5141582d412d5465616d2f436f62616c74537472696b652d546f6f6c736574) |
![](https://camo.githubusercontent.com/b1f7d9dfe468196131839a674aa9e380121ef26f44bf05801b163e996655affb/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f5141582d412d5465616d2f436f62616c74537472696b652d546f6f6c736574) |
Synthesis |
aggressor_scripts_collection |
Collection of various aggressor scripts for Cobalt Strike from awesome people. Will be sure to update this repo with credit to each person. |
![](https://camo.githubusercontent.com/709ce13f47c4fe74f3213a55cdd5332a208f0343501d47d8c324c8370a1bf8e9/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f6d696368616c6b6f637a776172612f616767726573736f725f736372697074735f636f6c6c656374696f6e) |
![](https://camo.githubusercontent.com/fa9768c36d7bd71aa5b39b44f5b3c7ff3cfabf69c156472c81e016af0ec5a5c6/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f6d696368616c6b6f637a776172612f616767726573736f725f736372697074735f636f6c6c656374696f6e) |
Synthesis |
CobaltStrike-ToolKit |
googlesearch.profile and script related to AD. |
![](https://camo.githubusercontent.com/3853ad61869314155a15d575689f4586130e05a5b85d6acb31dcae6fdacfd293/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f6b696c6c7377697463682d4755492f436f62616c74537472696b652d546f6f6c4b6974) |
![](https://camo.githubusercontent.com/457b371201a0fe65e1b2df14125211b2bbfa6ce1c26492fabe614c5c0fcafa79/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f6b696c6c7377697463682d4755492f436f62616c74537472696b652d546f6f6c4b6974) |
Synthesis |
Arsenal |
Cobalt Strike 3.13 Arsenal Kit |
![](https://camo.githubusercontent.com/d2706ce779868aab524f84442db2b7a0d877c201c1ee6616f3eee657037a5cd0/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f436c696f762f417273656e616c) |
![](https://camo.githubusercontent.com/ed572dd79571967ab98351d54e5eb8ab302c18d9fffc4877af7cd33f5075bbbf/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f436c696f762f417273656e616c) |
Synthesis |
cobalt-arsenal |
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+ |
![](https://camo.githubusercontent.com/b52d6279f95cf7c195fe5cfa69b40d7926cafab074d65561524774e22e589141/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f6d6765656b792f636f62616c742d617273656e616c) |
![](https://camo.githubusercontent.com/41926442710ed85435045683c95242440f782a03a7db244bc45de4410b0e9534/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f6d6765656b792f636f62616c742d617273656e616c) |
Synthesis |
aggressor_scripts |
code execution via DCOM; the privilege escalation techniques included in ElevateKit; etc. |
![](https://camo.githubusercontent.com/d2706ce779868aab524f84442db2b7a0d877c201c1ee6616f3eee657037a5cd0/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f436c696f762f417273656e616c) |
![](https://camo.githubusercontent.com/ed572dd79571967ab98351d54e5eb8ab302c18d9fffc4877af7cd33f5075bbbf/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f436c696f762f417273656e616c) |
Synthesis |
aggressor_scripts |
code execution via DCOM; the privilege escalation techniques included in ElevateKit; etc. |
![](https://camo.githubusercontent.com/ba18506c385bfa4ebe54784245028e6f4b32a1c3d9af77031af6be3bc56a7ee1/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f3030315350415254614e2f616767726573736f725f73637269707473) |
![](https://camo.githubusercontent.com/f2627f795526bbe72075f321b4b68a1e6a08e6999518cc7ae7e848a00877f4d3/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f3030315350415254614e2f616767726573736f725f73637269707473) |
Synthesis |
aggressor |
creating tunnels with netsh; changed default to bit.ly redirect to mcdonalds; using PowerShell to kill parent process |
![](https://camo.githubusercontent.com/ba18506c385bfa4ebe54784245028e6f4b32a1c3d9af77031af6be3bc56a7ee1/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f3030315350415254614e2f616767726573736f725f73637269707473) |
![](https://camo.githubusercontent.com/f2627f795526bbe72075f321b4b68a1e6a08e6999518cc7ae7e848a00877f4d3/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f3030315350415254614e2f616767726573736f725f73637269707473) |
Synthesis |
CobaltStrikeCNA |
A collection of scripts - from various sources - see script for more info. |
![](https://camo.githubusercontent.com/5cc741ae7f9af75c8386d1860e91bff06d42486ee98c0601d26dea2e601f7ea1/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f6272616e7468616c652f436f62616c74537472696b65434e41) |
![](https://camo.githubusercontent.com/0dedd7298d452f25ee688adc7df0d1ae6512d51e039885b7d259f3078223673f/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f6272616e7468616c652f436f62616c74537472696b65434e41) |
Synthesis |
AggressorScripts |
Highlights selected processes from the ps command in beacon; loads various aliases into beacon; sets a few defaults for scripts to be used later. |
![](https://camo.githubusercontent.com/ab4a65126dc7b33db656e65b2af8ad2703fd7778d7c9293877f70ec90a864738/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f6f6c64623030742f416767726573736f7253637269707473) |
![](https://camo.githubusercontent.com/8aac0ad7dd6c31cbe7a7a97ea030c5a9e8e37c63728b7f3d7732df10579b4cda/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f6f6c64623030742f416767726573736f7253637269707473) |
Synthesis |
AggressorAssessor |
A full suite of helper scripts covering everything from C2 generation to lateral movement |
![](https://camo.githubusercontent.com/b6c674e7ede7fc9a9081c9fc8d469aaafe8405c4ee54f5925287a3c2d254c093/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f466f7274794e6f72746853656375726974792f416767726573736f724173736573736f72) |
![](https://camo.githubusercontent.com/097b61c585ae4cabf12dc488766efc0218f6ffc2be37647ff9c13f4821d93a90/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f466f7274794e6f72746853656375726974792f416767726573736f724173736573736f72) |
Synthesis |
AggressorCollection |
Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors |
![](https://camo.githubusercontent.com/4d28d4f04f9e403c2010a115b45f8d4e0b166e31caad772e84eac0b58de2e065/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f696e766f6b657468726561746775792f416767726573736f72436f6c6c656374696f6e) |
![](https://camo.githubusercontent.com/30e600983cac3893ef4d35c937cb5ae206f8231584a30e47ff6f0ae14168623b/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f696e766f6b657468726561746775792f416767726573736f72436f6c6c656374696f6e) |
Synthesis |
Cobaltstrike-Aggressor-Scripts-Collection |
The collection of tested cobaltstrike aggressor scripts. |
![](https://camo.githubusercontent.com/071ae330b31014cc4b7a49c3690e055e229111493a96b2926b1719f36ef10b67/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f62797465636f6433722f436f62616c74737472696b652d416767726573736f722d536372697074732d436f6c6c656374696f6e) |
![](https://camo.githubusercontent.com/824b7b508602fe782d65fcbc3c6e6d2a072aa0c71874a80489702cd4e1d57eb2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f62797465636f6433722f436f62616c74737472696b652d416767726573736f722d536372697074732d436f6c6c656374696f6e) |
Synthesis |
aggressorScripts |
CobaltStrike AggressorScripts for the lazy |
![](https://camo.githubusercontent.com/8369cb94c201f4ce40ef26b964c8607aca2c7439ec188037530d0ce13874c41d/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f4d617472697832303038352f616767726573736f7253637269707473) |
![](https://camo.githubusercontent.com/cc98da1a64d4f95db0aea6345e2158b3204d7d853ac48dae51c5511e77c1adac/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c616e6775616765732f746f702f4d617472697832303038352f616767726573736f7253637269707473) |