GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → bluscreenofjeff → Aggressorscripts

bluscreenofjeff / Aggressorscripts

Licence: bsd-3-clause
Aggressor scripts for use with Cobalt Strike 3.0+

Labels

red-teambeacon

Projects that are alternatives of or similar to Aggressorscripts

Black Hat Rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-33.93%)
Mutual labels:  beacon, red-team
Dref
DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-15.57%)
Mutual labels:  red-team
Pentmenu
A bash script for recon and DOS attacks
Stars: ✭ 288 (-42.51%)
Mutual labels:  red-team
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+730.74%)
Mutual labels:  red-team
Adversary emulation library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (-41.12%)
Mutual labels:  red-team
Ghostwriter
The SpecterOps project management and reporting engine
Stars: ✭ 394 (-21.36%)
Mutual labels:  red-team
marvelmind-indoor-gps-tutorial
A tutorial for setting up and interfacing with Marvelmind Indoor 'GPS' ultrasonic beacons!
Stars: ✭ 31 (-93.81%)
Mutual labels:  beacon
Geacon
Practice Go programming and implement CobaltStrike's Beacon in Go
Stars: ✭ 460 (-8.18%)
Mutual labels:  beacon
Deimosc2
DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-15.57%)
Mutual labels:  red-team
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-26.15%)
Mutual labels:  red-team
React Native Ibeacon
📡 iBeacon support for React Native
Stars: ✭ 359 (-28.34%)
Mutual labels:  beacon
Hunter
(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-28.34%)
Mutual labels:  red-team
Paradoxiarat
ParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (-21.16%)
Mutual labels:  red-team
Cobaltstrike Toolset
Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
Stars: ✭ 290 (-42.12%)
Mutual labels:  red-team
Dns Rebind Toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks.
Stars: ✭ 435 (-13.17%)
Mutual labels:  red-team
Ble Indoor Positioning
Multilateration using bluetooth beacons
Stars: ✭ 274 (-45.31%)
Mutual labels:  beacon
Slackor
A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-21.76%)
Mutual labels:  red-team
React Native Beacons Manager
React-Native library for detecting beacons (iOS and Android)
Stars: ✭ 467 (-6.79%)
Mutual labels:  beacon
Quasar
Remote Administration Tool for Windows
Stars: ✭ 4,897 (+877.45%)
Mutual labels:  red-team
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-19.16%)
Mutual labels:  red-team
View All Similar Projects ➔

AggressorScripts

Aggressor scripts for use with Cobalt Strike 3.0+

apache-style-weblog-output.cna - outputs weblog hits to an Apache-like access log file named weblog.log in Cobalt Strike's working directory

beacon_to_empire.cna - a script that leverages Powershell Empire's RESTful API to migrate sessions from a Beacon session on Cobalt Strike

beaconid_note.cna - set Beacon note to its ID on load and initial checkin (primarily useful when coding Aggressor scripts)

beaconestablishednote.cna - set Beacon note to the time it was established on initial checkin

Beaconpire - send Beacons to Empire and pull Empire Agents into Cobalt Strike

CCDC - a collection of scripts designed for use at CCDC

  • lulz.cna - includes some Blue Team annoyance functions: IE Popup (kiosk mode), Windows Alert (7+), Host Shutdown, Boo.exe (uploads/executes Boo), and Clippy popup (requires setup and Windows 7).
  • misc.cna - includes functions to stomp the host file with a chosen text file or add an entry to the existing host file.
  • sysinternals-killer.cna - Automatically kill common Blue Team processes, such as the Sysinternals tools, on launch

checkin_jobs_context.cna - adds context menu options to run "checkin" or "jobs" on Beacon session to help detect stale beacons in bulk

eventlog-to-slack.cna - script to send event log events to Slack. NOTE: Review code before deploying in production. Sensitive information (usernames, hostnames, teamserver IPs) will be sent to Slack.

forcecheckin.cna - forces an SMB Beacon to checkin after a specified frequency

mass-dcsync.cna - DCSync a line-separated list of users from a DC

mimikatz-every-30m.cna - runs mimikatz's "logonpasswords" alias every thirty minutes

mimikatz-timestamp-note-BETA.cna - POC script that adds a timestamp to the source column in new credentials. The script is considered BETA - it has not been field tested and has bugs.

OPSEC Profiles - limits the commands Cobalt Strike can execute while loaded. Used to reduce the chance of performing high-risk actions in mature target environments.

powershell.cna - adds context items for some common Powerup and Powerview functions. For this to work, you must put the PowerUp.ps1 and powerview.ps1 files in the same directory as this script

ping_aliases.cna - creates an alias for quick ping (one ping packet w/ shell) and smbscan (to portscan smb w/o ping)

ps-window-alias.cna - creates an alias to open the process browser pane for the current Beacon

silver-tickets.cna - monitors Beacon output for machine hashes and stores them in the cred store. Also adds a dialog box for generating a Silver Ticket from a gathered machine hash

slack-notify-beacon.cna - sends a generic alert to a chosen Slack channel via incoming webhook when a new Beacon is established(requires curl on team server)

slack-notify-webhit.cna - sends a generic alert to a chosen Slack channel via incoming webhook when a specific URI or URIs are requested (requires curl on team server)

sleep-down-when-no-operators.cna - increases the sleep interval on all Beacons when there are no operators logged in

sleeptimer.cna - automatically sets sleep intervals based on time (i.e. from 10p to 6a, sleep for 60s). Resets to 60s sleeps when the sleep interval ends.

stale-beacon-notifier.cna - sends a generic alert to a chosen Slack channel via incoming webhook when a Beacon's last checkin exceeds a specified time (requires curl on team server).

timestamped_activitylog_export.cna - Outputs all event and activity logs with human-readable timestamp to activitylog.txt in your working directory (runs on script load)

Other Aggressor Repos

Submissions

Please feel free to submit a Pull Request with fixes or improvements to any of the existing scripts; however, my intention is to only keep Aggressor scripts that I've written in this repo.

If you have an idea for a script and would like to submit it somewhere, consider adding it to Lee Kagan's Aggressor Scripts Collection repo.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].