Real profit
A small #poc for the recent RCE found in the Goahead Webserver prior to version 5.1.5

https://github.com/kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-

#shellcode_injection_techniques
All techniques use an AES-encrypted Meterpreter payload
Some techniques are better than others at bypassing AV

https://github.com/plackyhacker/Shellcode-Injection-Techniques
ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on disk

https://github.com/Tylous/ZipExec
XNTSV is a program for detailed viewing of Windows system structures

https://github.com/horsicq/xntsv

Download Cobalt Strike 4.4 + kits
1_ Artifact Kit
2_ Mimikatz Kit

https://github.com/JUICY00000/CobaltStrike4.4

Scan files or process memory for #Cobalt_Strike beacons and parse their configuration
https://github.com/Apr4h/CobaltStrikeScan

C2concealer is a command line tool that generates randomized C2 malleable profiles for use in #Cobalt_Strike
https://github.com/FortyNorthSecurity/C2concealer

#Cobalt_Strike Malleable C2 Profiles
A collection of profiles used in different projects using Cobalt Strike
https://github.com/xx0hcd/Malleable-C2-Profiles

Aggressor script that lists available #Cobalt_Strike beacon commands and colors them based on their type
https://github.com/outflanknl/HelpColor

Detect and respond to #Cobalt_Strike beacons using ETW
https://github.com/3lp4tr0n/BeaconHunter

Tool based on #Cobalt_Strike Parser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons
https://github.com/hariomenkel/CobaltSpam

SourcePoint is a C2 profile generator for #Cobalt_Strike command and control servers designed to ensure evasion
https://github.com/Tylous/SourcePoint

Hunts out #Cobalt_Strike beacons and logs operator command output
https://github.com/CCob/BeaconEye

#Cobalt_Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities
https://github.com/boku7/CobaltStrikeReflectiveLoader

#Cobalt_Strike Beacon configuration extractor and parser
https://github.com/threatexpress/random_c2_profile

#Cobalt_Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
https://github.com/mgeeky/RedWarden

#Cobalt_Strike script for ScareCrow payloads (EDR/AV evasion)
https://github.com/GeorgePatsias/ScareCrow-CobaltStrike

Collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
https://github.com/mgeeky/cobalt-arsenal

#Cobalt_Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
https://github.com/mgeeky/ElusiveMice

#Cobalt_Strike Beacon configuration extractor and parser
https://github.com/strozfriedberg/cobaltstrike-config-extractor

#Cobalt_Strike Malleable C2 Design and Reference Guide
https://github.com/threatexpress/malleable-c2

A .NET Runtime for #Cobalt_Strike Beacon Object Files
https://github.com/CCob/BOF.NET

#Cobalt_Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing
https://github.com/boku7/spawn

Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process environment strings without touching any DLLs
https://github.com/boku7/whereami

A #Cobalt_Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles
https://github.com/outflanknl/FindObjects-BOF

A Beacon Object File (BOF) for #Cobalt_Strike which uses direct system calls to enable WDigest credential caching
https://github.com/outflanknl/WdToggle

#Cobalt_Strike BOF - Bypass AMSI in a remote process with code injection
https://github.com/boku7/injectAmsiBypass

Pointer was developed for massive hunting and mapping #Cobalt_Strike servers exposed on the internet
https://github.com/shabarkin/pointer

#Cobalt_Strike Shellcode Generator
https://github.com/RCStep/CSSG

Loads #Cobalt_Strike & Metasploit shellcode using Go
https://github.com/zha0gongz1/DesertFox

Cobalt Strike Aggressor extension for Visual Studio Code
https://github.com/darkoperator/vscode-language-aggressor

An Ansible role for installing #Cobalt_Strike
https://github.com/cisagov/ansible-role-cobalt-strike

Convert #Cobalt_Strike profiles to IIS web.config files
https://github.com/bashexplode/cs2webconfig

#Cobalt_Strike decrypt
https://github.com/WBGlIl/CS_Decrypt

Detects Module Stomping as implemented by #Cobalt_Strike
https://github.com/slaeryan/DetectCobaltStomp

Toolset for researching malware and #Cobalt_Strike beacons
https://github.com/RomanEmelyanov/CobaltStrikeForensic

#Cobalt_Strike random C2 Profile generator
https://github.com/threatexpress/random_c2_profile

#Cobalt_Strike Aggressor Scripts
https://github.com/timwhitez/Cobalt-Strike-Aggressor-Scripts

Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using DCOM object
https://github.com/netero1010/TrustedPath-UACBypass-BOF

A list of JARM hashes for different ssl implementations used by some C2/red team tools
https://github.com/cedowens/C2-JARM

grab beacon config
https://github.com/whickey-r7/grab_beacon_config

The project is built from the LandGrey/SpringBootVulExploit checklist. Its purpose is to quickly exploit vulnerabilities during HVV exercises and lower the threshold for exploiting them
https://github.com/0x727/SpringBootExploit

h2-jdbc(https://github.com/h2database/h2database/issues/3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reproduction
https://github.com/SecCoder-Security-Lab/jdbc-sqlxml-xxe