《深入理解Cobalt Strike》

Getshell

这里记录收集优秀的CobaltStrike内容，包括优秀的资源工具或优秀的项目代码等。本项目大部分工具都未检测是否存在后门，务必在虚拟机下运行。CobaltStrike思想是攻击者的进步。作者：0e0w

本项目创建时间为2021年8月3日。最近的一次更新时间为2023年8月4日。

01-CobaltStrike资源

https://github.com/search?q=CobaltStrike
https://github.com/topics/cobalt-strike
https://github.com/topics/cobaltstrike

一、官方手册

[ ] https://download.cobaltstrike.com/downloads/csmanual44.pdf

二、基础教程

[ ] https://wiki.wgpsec.org/knowledge/intranet/Cobalt-Strike.html

三、视频教程

四、其他资源

[ ] https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet
[ ] https://github.com/cisagov/ansible-role-cobalt-strike
[ ] https://github.com/hattmo/c2profilejs
[ ] https://github.com/jan-call/Cobaltstrike-Plugins
[ ] https://github.com/REW-sploit/REW-sploit
[ ] https://github.com/geemion/Khepri
[ ] 【知识回顾】Cobalt Strike 4.0 认证及修补过程
[ ] CobaltStrike4.0无Hook蛮力Cracked License思路
[ ] https://github.com/Tw1sm/HTTPS-MalleableC2-Config
[ ] https://github.com/bashexplode/cs2webconfig
[ ] https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence
[ ] https://github.com/cisagov/teamserver-packer
[ ] https://github.com/Cerbersec/DomainBorrowingC2
[ ] https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/
[ ] https://github.com/XRSec/Docker-CobaltStrike
[ ] https://wbglil.gitbook.io/cobalt-strike
[ ] https://github.com/akkuman/EvilEye
[ ] https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet
[ ] https://github.com/splunk/melting-cobalt
[ ] https://github.com/AlphabugX/csOnvps
[ ] https://github.com/warhorse/ansible-role-cobaltstrike-docker
[ ] https://github.com/kluo84/CS-notes
[ ] https://github.com/lovechoudoufu/cobaltstrike4.4_cdf
[ ] https://www.anquanke.com/post/id/269539
[ ] https://github.com/rmartinsanta/cs-dns-parser
[ ] https://github.com/outflanknl/C2-Tool-Collection
[ ] https://xz.aliyun.com/t/11404
[ ] https://tttang.com/archive/1631
[ ] https://xz.aliyun.com/t/11508
[ ] https://tttang.com/archive/1662
[ ] https://bbs.pediy.com/thread-273749.htm
[ ] https://www.anquanke.com/post/id/278690
[ ] https://xz.aliyun.com/t/11662
[ ] https://github.com/XXC385/Cobalt-Strike-Start
[ ] https://www.anquanke.com/post/id/285270
[ ] https://xz.aliyun.com/t/12094
[ ] https://www.secpulse.com/archives/196736.html

02-CobaltStrike程序

03-CobaltStrike功能

04-CobaltStrike扩展

https://github.com/zer0yu/Awesome-CobaltStrike
https://www.cobaltstrike.com/aggressor-script/index.html
https://payloads.online/archivers/2020-03-02/4/
http://sleep.dashnine.org/manual/
https://github.com/Cobalt-Strike/community_kit
https://cobalt-strike.github.io/community_kit

一、Malleable-C2

[ ] https://github.com/Tylous/SourcePoint
[ ] https://github.com/FortyNorthSecurity/C2concealer
[ ] https://github.com/threatexpress/malleable-c2
[ ] https://github.com/vestjoe/cobaltstrike_services
[ ] https://github.com/threatexpress/cs2modrewrite
[ ] https://github.com/Cobalt-Strike/Malleable-C2-Profiles
[ ] https://github.com/rsmudge/Malleable-C2-Profiles
[ ] https://github.com/threatexpress/random_c2_profile
[ ] https://github.com/BC-SECURITY/Malleable-C2-Profiles
[ ] https://github.com/D00Movenok/goMalleable
[ ] https://github.com/Peithon/JustC2file

二、External-C2

[ ] https://github.com/Und3rf10w/external_c2_framework
[ ] https://github.com/mdsecactivebreach/Browser-ExternalC2
[ ] https://github.com/SpiderLabs/DoHC2
[ ] https://github.com/outflanknl/external_c2
[ ] https://github.com/rasta-mouse/ExternalC2.NET
[ ] https://github.com/Flangvik/CobaltBus
[ ] https://github.com/wikiZ/RedGuard

三、UDRL：User Defined Reflective Loader

[ ] https://github.com/mgeeky/ElusiveMice
[ ] https://github.com/SecIdiot/TitanLdr
[ ] https://github.com/boku7/CobaltStrikeReflectiveLoader

四、BOFs：Beacon Object Files

https://github.com/BOFs/BOFs
https://github.com/Cerbersec/KillDefenderBOF

五、Aggressor Scripts

https://github.com/topics/aggressor
[ ] https://github.com/001SPARTaN/aggressor_scripts
[ ] https://github.com/0x727/AggressorScripts_0x727
[ ] https://github.com/harleyQu1nn/AggressorScripts
[ ] https://github.com/bluscreenofjeff/AggressorScripts
[ ] https://github.com/jordanpotti/opsec-aggressor
[ ] https://github.com/mgeeky/cobalt-arsenal
[ ] https://github.com/Cobalt-Strike/beacon_health_check
[ ] https://github.com/RCStep/CSSG
[ ] https://github.com/Verizon/redshell
[ ] https://github.com/EspressoCake/Aggressor_Scripts
[ ] https://github.com/darkoperator/vscode-language-aggressor
[ ] https://github.com/threatexpress/cobaltstrike_payload_generator
[ ] https://github.com/outflanknl/HelpColor
[ ] https://github.com/capt-meelo/Beaconator
[ ] https://github.com/NVISOsecurity/cobalt-strike-notifier
[ ] https://github.com/FortyNorthSecurity/AggressorAssessor
[ ] https://github.com/outflanknl/Dumpert
[ ] https://github.com/killswitch-GUI/CobaltStrike-ToolKit
[ ] https://github.com/Und3rf10w/Aggressor-scripts
[ ] https://github.com/vysecurity/Aggressor-VYSEC
[ ] https://github.com/rasta-mouse/Aggressor-Script
[ ] https://github.com/422926799/csplugin
[ ] https://github.com/Peco602/cobaltstrike-aggressor-scripts
上线提醒
[ ] CS_Mail_Tip
[ ] WeChatPush
[ ] https://github.com/Daybr4ak/C2ReverseProxy
[ ] https://github.com/teamssix/dingding_cs_notice
[ ] https://github.com/lintstar/CS-PushPlus
[ ] https://github.com/lintstar/CS-ServerChan
持久上线
[ ] https://github.com/0xthirteen/StayKit
[ ] https://github.com/TheKingOfDuck/XSS-Fishing2-CS
[ ] https://github.com/yanghaoi/CobaltStrike_CNA
[ ] https://github.com/improsec/SharpEventPersist
[ ] https://github.com/Richard-Tang/Tomcat2CS
虚拟上线
[ ] https://github.com/Doneone/happy_cs
权限提升
[ ] weichi
[ ] ElevateKit
[ ] Aggressor-Script
[ ] SweetPotato_CS
漏洞扫描
[ ] CVE-2018-4878
[ ] CVE-2020-0796
[ ] MS17-010
流量隧道
[ ] UploadAndRunFrp
[ ] https://github.com/m3rcer/Chisel-Strike
痕迹清理
[ ] EventLogMaster
[ ] Phant0m_cobaltstrike
近源攻击
[ ] https://github.com/AdminTest0/badusb_cobaltstrike

六、Kit

[x] 神器獬廌
[x] 梼杌
[x] LSTAR
[x] Erebus
[ ] 巨龙拉冬
[ ] Ladon
[ ] CrossC2
[ ] CrossC2Kit
[ ] https://github.com/darkr4y/geacon
[ ] https://github.com/RedTeamWing/WingKit
[ ] Cobalt-Strike-Aggressor-Scripts
[ ] https://github.com/wafinfo/cobaltstrike
[ ] https://github.com/Adminisme/ServerScan
[ ] https://github.com/SeaOf0/CSplugins
[ ] https://github.com/k1d0ne/cobaltstrike_plugin
[ ] https://github.com/9bie/Slacker

七、其他内容

[ ] https://github.com/bitsadmin/nopowershell
[ ] https://github.com/vysecurity/ANGRYPUPPY
[ ] https://github.com/TheKingOfDuck/XSS-Fishing2-CS
[ ] https://github.com/timwhitez/XSS-Phishing
[ ] https://github.com/alphaSeclab/cobalt-strike
[ ] https://github.com/bitsadmin/fakelogonscreen
[ ] https://github.com/Al1ex/CSPlugins
[ ] https://github.com/josephkingstone/cobalt_strike_extension_kit
[ ] https://github.com/isafe/cobaltstrike_brute
[ ] https://github.com/ryanohoro/csbruter
[ ] https://github.com/1135/1135-CobaltStrike-ToolKit
[ ] https://github.com/cube0x0/SharpeningCobaltStrike
[ ] https://github.com/Cliov/Arsenal
[ ] https://github.com/outflanknl/Zipper
[ ] https://github.com/outflanknl/Spray-AD
[ ] https://github.com/Apr4h/CobaltStrikeScan
[ ] https://github.com/SecIdiot/CobaltPatch
[ ] https://github.com/Rvn0xsy/Cobaltstrike-atexec
[ ] https://github.com/aleenzz/Cobalt_Strike_wiki
[ ] https://teamssix.com/year/201023-192553.html
[ ] https://github.com/Lz1y/SyncDog
[ ] https://github.com/Freakboy/CobaltStrike
[ ] https://github.com/Daybr4ak/C2ReverseProxy
[ ] https://github.com/rasta-mouse/Aggressor-Script
[ ] https://github.com/EncodeGroup/AggressiveGadgetToJScript
[ ] https://github.com/bytecod3r/Cobaltstrike-Aggressor-Scripts-Collection
[ ] https://github

CobaltStrike

Install / Use

README

《深入理解Cobalt Strike》

01-CobaltStrike资源

02-CobaltStrike程序

03-CobaltStrike功能

04-CobaltStrike扩展

Related Skills