跳跳糖 - 安全与分享社区

We show how metadata encryption and decryption contributes to making Cobalt Strike an effective emulator that is difficult to defend against.

Beacon Object File Loader. Contribute to Cracked5pider/CoffeeLdr development by creating an account on GitHub.

DNS Tunneling using powershell to download and execute a payload. Works in CLM. - Octoberfest7/DNS_Tunneling

Cobalt Strike Aggressor scripts. Contribute to dinimus/Cobalt_Strike_scripts development by creating an account on GitHub.

An aggressor script for Cobalt Strike to query Windows' GetLastError messages - Henkru/cs-get-last-error

Cobalt Strike is one of the most popular command-and-control frameworks, favoured by red teams and threat actors alike. In this blog post we will discuss strategies that can be used...

CobaltStrike上线通知，飞书群聊机器人、server酱通知. Contribute to r1is/Cobalt_Strike_Bot development by creating an account on GitHub.

An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available. - ScriptIdiot/BOF-patchit

In-memory token vault BOF for Cobalt Strike. Contribute to Henkru/cs-token-vault development by creating an account on GitHub.

Estimated Reading Time: 10 minutes Hiding your malicious C2 traffic through legitimate channels is challenging nowadays, especially while CDN providers block all known techniques to use domain fronting to hide your malicious traffic. For that reason, I was…

RDLL for Cobalt Strike beacon to silence sysmon process - ScriptIdiot/SysmonQuiet

Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF - ScriptIdiot/sw2-secinject

Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client. - CodeXTF2/cobaltstrike-headless

一个可以伪装上线Cobaltstrike的脚本. Contribute to LiAoRJ/CS_fakesubmit development by creating an account on GitHub.

Keybase Webhook notifications for CobaltStrike. Contribute to waffl3ss/keybase-cs development by creating an account on GitHub.

In this post, I am going to show the readers how to build a fully automated C2 infrastructure using Terraform with Nebula's end-to-end encryption backend communication layer.

Using syscalls to bypass AV and EDR with Freeze and cobalt strike
Download Freeze:
https://github.com/optiv/Freeze
Download Cobalt Strike:
https://www.cobaltstrike.com/