Cobalt Strike
Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.
POC tool to convert CobaltStrike BOF files to raw shellcode
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
A library to parse, modify, and implement Malleable C2 profiles
Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and scripts have been written and published, but they can be cha…
Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.
DLL Exports Extraction BOF with optional NTFS transactions.
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
Convert Cobalt Strike profiles to IIS web.config files
Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
Beacon Object File & C# project to check LDAP signing
Situational Awareness commands implemented using Beacon Object Files