所有收集类项目

CobaltStrike

• 跟Cobalt Strike相关资料, 包括100+工具和200+文章
• English Version

目录

• External C2 -> (9)工具 (10)文章
• Malleable C2 -> (6)工具 (10)文章
• Beacon -> (24)工具 (63)文章
• Listener -> (1)工具
• Aggressor Script -> (29)工具 (8)文章
• 新添加 -> (39)工具 (117)文章

External C2

工具

• [325星][2y] [C#] spiderlabs/dohc2 DoHC2 allows the ExternalC2 library from Ryan Hanson (
• [222星][23d] [PS] qax-a-team/cobaltstrike-toolset Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
• [188星][3y] [C#] ryhanson/externalc2 A library for integrating communication channels with the Cobalt Strike External C2 server
• [150星][26d] [Py] und3rf10w/external_c2_framework Python api for usage with cobalt strike's External C2 specification
• [140星][1m] [C++] xorrior/raven CobaltStrike External C2 for Websockets
• [76星][30d] [C] outflanknl/external_c2 POC for Cobalt Strike external C2
• [58星][1y] [C#] mdsecactivebreach/browser-externalc2 External C2 Using IE COM Objects
• [58星][2m] [Py] truneski/external_c2_framework Python api for usage with cobalt strike's External C2 specification
• [37星][3m] [Go] lz1y/gecc Cobalt Strike - Go External C2 Client

文章

• 2019.12 [talosintelligence] WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability
• 2019.10 [aliyun] Cobalt Strike 的 ExternalC2
• 2019.03 [4hou] 恶意软件如何将External C2和IE COM对象用于命令和控制
• 2019.03 [aliyun] 探索CobaltStrike的External C2框架
• 2019.02 [mdsec] External C2, IE COM Objects and how to use them for Command and Control
• 2018.04 [360] 一起探索Cobalt Strike的ExternalC2框架
• 2018.04 [aliyun] 深入探索Cobalt Strike的ExternalC2框架
• 2018.03 [xpnsec] 探索Cobalt Strike与C&C通信的ExternalC2框架/通信规范
• 2017.10 [360] Cobalt Strike的特殊功能（external_C2）探究
• 2013.10 [colinpoflynn] PLIP DEC2013: Hardware Co-Sim with External Hardware (Serial Port)

Malleable C2

工具

• [462星][2y] rsmudge/malleable-c2-profiles Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
• [217星][2y] [Py] bluscreenofjeff/malleable-c2-randomizer A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
• [205星][23d] threatexpress/malleable-c2 Cobalt Strike Malleable C2 Design and Reference Guide
• [105星][9m] xx0hcd/malleable-c2-profiles Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike
• [41星][3y] bluscreenofjeff/malleablec2profiles Malleable C2 profiles for Cobalt Strike
• [None星][Py] fortynorthsecurity/c2concealer C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.

文章

• 2018.12 [freebuf] 关于Cobalt Strike的Malleable-C2-Profiles浅析
• 2018.09 [aliyun] 【翻译】深入研究cobalt strike malleable C2配置文件
• 2018.09 [specterops] A Deep Dive into Cobalt Strike Malleable C2
• 2018.09 [threatexpress] A Deep Dive into Cobalt Strike Malleable C2
• 2018.09 [threatexpress] A Deep Dive into Cobalt Strike Malleable C2
• 2018.06 [cobaltstrike] Broken Promises and Malleable C2 Profiles
• 2018.01 [threatexpress] Automating Apache mod_rewrite and Cobalt Strike Malleable C2 for Intelligent Redirection
• 2017.08 [bluescreenofjeff] Randomized Malleable C2 Profiles Made Easy
• 2017.01 [bluescreenofjeff] How to Write Malleable C2 Profiles for Cobalt Strike
• 2014.07 [harmj0y] A Brave New World: Malleable C2

Beacon

工具

• [244星][6m] [PS] rsmudge/elevatekit The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
• [193星][17d] [Go] darkr4y/geacon Practice Go programming and implement CobaltStrike's Beacon in Go
• [129星][2m] [JS] dermike/slide-beacon-app Share links from your Mac using this app to broadcast them as a Physical Web Eddystone URL bluetooth beacon or mDNS.
• [115星][4m] [HTML] romanemelyanov/cobaltstrikeforensic Toolset for research malware and Cobalt Strike beacons
• [71星][6m] [Py] daddycocoaman/beacongraph Graph visualization of wireless client and access point relationships
• [59星][24d] [Go] averagesecurityguy/c2 A simple, extensible C&C beaconing system.
• [57星][2m] [Shell] cyb0r9/network-attacker Programmed For Penetration Testing Beginners . This Program Based on Mdk3 . "WiFi Stress Testing Beacon Flooding & Deauthentication Attack "
• [56星][24d] [HTML] aravinthpanch/rssi Indoor localisation using RSSI. RSSI is received signal strength indicator in IEEE 802.11 beacon packet to announce the presence of WiFi.This tool was built to study & visualize the data collected in the experiments. This was done at Telecommunications Network Group (TKN), Berlin as part of EVARILOS.
• [50星][2m] 001spartan/csfm Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.
• [45星][10m] [JS] dermike/physical-web-scan-app Mac OSX desktop client app to scan for Physical Web (Eddystone) bluetooth beacons
• [39星][4m] [C++] lijuno/nrf24_ble Hacking nRF24L01+ as a low-cost BLE beacon
• [30星][5m] chriso0710/pikiosk Automate Chromium in kiosk mode and Eddystone beacon on Raspberry Pi Raspbian Jessie with Ansible. Use a single command to update the kiosk and Eddystone URLs on all machines.
• [29星][24d] [TS] iot-makers/sigfox-platform Open Source platform to display and parse Sigfox messages in real time with Sigfox, GPS, WiFi & beacon geolocalisation
• [25星][9m] [C] clockfort/wifi-locator Determines physical location of station judging from 802.11 beacons' BSSID/Signal/Noise/Quality information.
• [20星][5m] [C++] 6e726d/native-wifi-api-beacon-sniffer Tool that dumps beacon frames to a pcap file. Works on Windows Vista or Later with any Wireless Card.
• [14星][23d] [Py] mlodic/ursnif_beacon_decryptor Ursnif beacon decryptor
• [12星][1m] [Go] wahyuhadi/beacon-c2-go backdoor c2
• [11星][3m] [Dockerfile] d3vzer0/cnc-relay Docker projects to retain beacon source IPs using C2 relaying infra
• [10星][2y] [C] wifimon/wifimon Wi-fi 802.11 Beacon Frame sniffer
• [9星][3y] [C] loukamb/beacon Lightweight, header-only C++ IPC library for Windows operating systems (Vista+) using advanced local procedure calls
• [9星][4m] [Py] ajackal/cherrywasp An 802.11 probe request and beacon sniffer.
• [2星][9m] [Shell] b3n-j4m1n/flood-kick-sniff Known Beacons attack tool
• [2星][5m] [Shell] op7ic/rt-officebeaconbox Simple Office-based beacon that calls back to your server for phishing exercises.
• [None星][C++] rvn0xsy/linco2 模拟Cobalt Strike的Beacon与C2通信过程，实现了基于HTTP协议的Linux C2

文章

• 2020.05 [pentestpartners] Short beacon analysis on the NHS iOS Tracking application
• 2020.05 [findingbad] Hunting for Beacons Part 2
• 2020.05 [findingbad] Hunting for Beacons
• 2020.04 [activecountermeasures] Threat Simulation – Beacons
• 2020.04 [tindie] UHF Radio Beacon for Lost RC Models
• 2020.04 [aliyun] cobaltstrike dns beacon知多少
• 2020.03 [blackhillsinfosec] Detecting Malware Beacons With Zeek and RITA
• 2020.01 [fox] Hunting for beacons
• 2019.11 [s0lst1c3] Modern Wireless Tradecraft Pt II — MANA and Known Beacon Attacks
• 2019.10 [specterops] Modern Wireless Tradecraft Pt II — MANA and Known Beacon Attacks
• 2019.08 [TechMinds] Hunting LF/MF/HF Beacons With An Airspy HF+ Discovery
• 2019.05 [activecountermeasures] Detecting Beacons With Jitter
• 2019.05 [freebuf] 通过ee-outliers与Elasticsearch检测TLS beaconing
• 2019.04 [activecountermeasures] Simplifying Beacon Analysis through Big Data Analysis
• 2019.04 [NDSSSymposium] NDSS 2019 MBeacon: Privacy-Preserving Beacons for DNA Methylation Data
• 2019.02 [sensorfu] SensorFu Beacon How To: 3 steps to always know if your isolated Linux leaks
• 2019.02 [sensorfu] Deploying SensorFu Beacon Windows Application with GPO
• 2019.02 [rapid7] Smart Sensors: A Look at Beacon Security
• 2019.02 [sensorfu] Using SensorFu Beacon to supplement Threat Intel
• 2018.12 [nviso] TLS beaconing detection using ee-outliers and Elasticsearch
• 2018.11 [DEFCONConference] DEF CON 26 HARDWARE HACKING VILLAGE - John Aho - WiFi Beacons will give you up
• 2018.10 [NullByte] Track & Connect to Smartphones with a Beacon Swarm [Tutorial]
• 2018.09 [blackhillsinfosec] PODCAST: Beacon Analysis
• 2018.09 [activecountermeasures] Threat Hunting Beacon Analysis Webcast from September 11, 2018
• 2018.08 [activecountermeasures] Threat Hunting – Simplifying The Beacon Analysis Process
• 2018.08 [activecountermeasures] Beacon Analysis – The Key to Cyber Threat Hunting
• 2018.08 [jpcert] Volatility Plugin for Detecting Cobalt Strike Beacon
• 2018.08 [jpcert] Volatility Plugin for Detecting Cobalt Strike Beacon
• 2018.04 [activecountermeasures] New Beacon Graph in the Works
• 2018.04 [3gstudent] CIA Hive Beacon Infrastructure复现2——使用Apache mod_rewrite实现https流量分发
• 2018.04 [3gstudent] CIA Hive Beacon Infrastructure复现2——使用Apache mod_rewrite实现https流量分发
• 2018.04 [3gstudent] CIA Hive Beacon Infrastructure复现1——使用Apache mod_rewrite实现http流量分发
• 2018.04 [3gstudent] CIA Hive Beacon Infrastructure复现1——使用Apache mod_rewrite实现http流量分发
• 2018.04 [rvrsh3ll] Redirecting Cobalt Strike DNS Beacons
• 2018.02 [census] The Known Beacons Attack (34th Chaos Communication Congress)
• 2017.06 [cobaltstrike] OPSEC Considerations for Beacon Commands
• 2017.06 [360] 使用Flare、Elastic Stack、IDS检测恶意软件通信的“beaconing”
• 2017.06 [social] Web Beacons for Social Engineering Reconnaissance
• 2017.06 [austintaylor] 使用 Flare、ElasticStack 及 IDS 检测 Beaconing（恶意软件周期性与C&C通信的过程）
• 2017.06 [longtermsec] Chrome just hardened the Navigator Beacon API against Cross-Site-Request-Forgery (CSRF)
• 2017.02 [freebuf] Cobalt Strike之DNS Beacon使用记录
• 2016.11 [jerrygamblin] Spoofing Beacon Frames From The 5000 Most Common SSIDS
• 2016.10 [rvrsh3ll] Redirecting Cobalt Strike DNS Beacons
• 2016.09 [christophertruncer] Receiving Text Messages for your Incoming Beacons
• 2016.07 [] Forging WiFi Beacon Frames Using Scapy
• 2016.05 [breakpoint] Using Python to Decrypt Dispind.A and Helminth HTTP Beacons
• 2016.05 [arxiv] [1605.04559] Bitcoin Beacon
• 2015.11 [freebuf] HackRF嗅探蓝牙重放iBeacons信号
• 2015.11 [alienvault] Ultrasound Tracking Beacons Making Things Sort of Creepy For Consumers
• 2015.10 [z4ziggy] Exploring Bluetooth & iBeacons – from software to radio signals and back.
• 2015.09 [christophertruncer] Upgrading Your Shells to Beacons
• 2015.07 [securitykitten] Finding Beacons With Bro
• 2015.04 [arxiv] [1504.07192] Location-aware sign-on and key exchange using attribute-based encryption and Bluetooth beacons
• 2015.01 [securityriskadvisors] Beaconing Past McAfee ePO
• 2014.10 [sans] CSAM: Be Wary of False Beacons
• 2014.08 [freebuf] BTLE/BT4.0低功耗蓝牙无线发包器（可模拟iBeacon、建链、通信等）
• 2014.05 [rsa] Sality Botnet Beacons Change- How to Detect It
• 2014.05 [metaflows] Got Beacons?
• 2014.02 [rsa] Detecting the Zusy Botnet Beaconing
• 2013.11 [freebuf] 关于分析Cobalt Strike的beacon.dll的一些TIPS
• 2012.12 [arxiv] [1212.2404] A beaconing approach whith key exchange in vehicular ad hoc networks
• 2012.10 [toolswatch] New feature “Beacon” added to Cobalt Strike
• 2012.07 [talosintelligence] Banking Trojan Spread Via UPS Phish Uses 0xDEADBEEF Beacon

Listener

工具

• [49星][20d] [Shell] taherio/redi Automated script for setting up CobaltStrike redirectors (nginx reverse proxy, letsencrypt)

Aggressor Script

工具

• [758星][8m] [C#] harleyqu1nn/aggressorscripts Cobalt Strike 3.0+ Aggressor 脚本收集
• [378星][2y] bluscreenofjeff/aggressorscripts Aggressor scripts for use with Cobalt Strike 3.0+
• [369星][18d] [Java] rsmudge/cortana-scripts A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.
• [252星][3y] [PS] und3rf10w/aggressor-scripts Aggressor scripts I've made for Cobalt Strike
• [215星][2y] [C#] spiderlabs/sharpcompile SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…
• [175星][22d] uknowsec/sharptoolsaggressor 内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
• [174星][2y] ramen0x3f/aggressorscripts audit your machines or machines you're authorized to audit
• [144星][4m] [PS] vysecurity/aggressor-vysec CobaltStrike Aggressor Scripts
• [126星][2y] zonksec/persistence-aggressor-script initial commit
• [102星][2y] [PS] rhinosecuritylabs/aggressor-scripts Aggregation of Cobalt Strike's aggressor scripts.
• [101星][27d] 001spartan/aggressor_scripts A collection of useful scripts for Cobalt Strike
• [97星][2y] [PS] rasta-mouse/aggressor-script Collection of Aggressor Scripts for Cobalt Strike
• [93星][4m] [Py] fortynorthsecurity/aggressorassessor Aggressor scripts for phases of a pen test or red team assessment
• [87星][22d] k8gege/aggressor Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force
• [87星][22d] k8gege/aggressor Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force
• [73星][27d] vysecurity/cve-2018-4878 Aggressor Script to launch IE driveby for CVE-2018-4878
• [68星][2y] tevora-threat/powerview3-aggressor Cobalt Strike Aggressor script menu for Powerview/SharpView
• [57星][2y] [PS] invokethreatguy/csasc Cobalt Strike Aggressor Script Collection
• [46星][4m] [Py] coalfire-research/vampire Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
• [46星][16d] [JS] threatexpress/aggressor-scripts Cobalt Strike Aggressor Scripts
• [43星][27d] tevora-threat/aggressor-powerview PowerView menu for Cobalt Strike
• [39星][2y] secgroundzero/cs-aggressor-scripts Aggressor Scripts for Cobalt Strike
• [30星][17d] mgeeky/cobalt-arsenal My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
• [25星][6m] scanfsec/cve-2018-15982 Aggressor Script to launch IE driveby for CVE-2018-15982.
• [22星][3y] [PS] oldb00t/aggressorscripts Cobaltstrike Aggressor Scripts
• [22星][12m] superdong0/aggressor_mail beacon,aggressor-scripts,cna,cobalt-strike,email
• [18星][3m] mdsecactivebreach/execute-githubassembly-aggressor Aggressor Script to Execute Assemblies from Github
• [1星][8m] kingsabri/aggressorscripts A collection of Cobalt Strike aggressor scripts
• [None星][C] timwhitez/cobalt-strike-aggressor-scripts Cobalt Strike Aggressor 插件包

文章

• 2019.06 [rastamouse] The Return of Aggressor
• 2018.07 [tevora] A SharpView and More Aggressor
• 2018.03 [tevora] Aggressor PowerView
• 2018.03 [] Aggressor 101: Unleashing Cobalt Strike for Fun and Profit
• 2018.02 [360] Cobalt Strike神器高级教程利用Aggressor脚本编写目标上线邮件提醒
• 2016.11 [bluescreenofjeff] Beaconpire - Cobalt Strike and Empire Interoperability with Aggressor Script
• 2016.09 [bluescreenofjeff] Adding Easy GUIs to Aggressor Scripts
• 2016.05 [zonksec] Persistence Aggressor Script

新添加

工具

• [822星][4m] aleenzz/cobalt_strike_wiki Cobalt Strike系列
• [409星][2y] [Shell] killswitch-gui/cobaltstrike-toolkit Some useful scripts for CobaltStrike
• [398星][21d] [Py] vysecurity/morphhta morphHTA - Morphing Cobalt Strike's evil.HTA
• [225星][4m] [PS] outflanknl/excel4-dcom PowerShell和Cobalt Strike脚本，通过DCOM执行Excel4.0/XLM宏实现横向渗透（直接向Excel.exe注入Shellcode）
• [224星][3m] gloxec/crossc2 generate CobaltStrike's cross-platform payload
• [213星][18d] [PS] vysecurity/angrypuppy Bloodhound Attack Path Automation in CobaltStrike
• [193星][4m] [PS] phink-team/cobaltstrike-ms17-010 cobaltstrike ms17-010 module and some other
• [190星][17d] [Py] threatexpress/cs2modrewrite Convert Cobalt Strike profiles to modrewrite scripts
• [150星][22d] [C#] josephkingstone/cobalt_strike_extension_kit Tired of typing execute-assembly everytime you use Cobalt Strike? Clone this.
• [117星][5m] [Py] verctor/cs_xor64 cobaltstrike xor64.bin补完计划
• [115星][2y] ridter/cs_chinese_support Cobalt strike 修改支持回显中文。
• [110星][18d] fox-it/cobaltstrike-extraneous-space Historical list of {Cobalt Strike,NanoHTTPD} servers
• [101星][3y] [Py] mr-un1k0d3r/sct-obfuscator Cobalt Strike SCT payload obfuscator
• [91星][4m] 0xthirteen/staykit Cobalt Strike kit for Persistence
• [89星][5m] [C#] jnqpblc/sharpspray SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike.
• [89星][17d] [Py] k8gege/scrun BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
• [88星][1y] [Py] dcsync/pycobalt Cobalt Strike API, Python版本
• [87星][1m] [Py] ryanohoro/csbruter Cobalt Strike team server password brute force tool
• [82星][2y] [java] anbai-inc/cobaltstrike_hanization CobaltStrike 2.5中文汉化版
• [73星][4m] [C#] 0xthirteen/movekit Cobalt Strike kit for Lateral Movement
• [56星][4m] 1135/1135-cobaltstrike-toolkit about CobaltStrike
• [51星][3y] p292/ddeautocs A cobaltstrike script that integrates DDEAuto Attacks
• [45星][4m] [C#] jnqpblc/sharptask SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
• [45星][28d] vysecurity/cobaltsplunk Splunk Dashboard for CobaltStrike logs
• [41星][3y] [Go] empty-nest/emptynest 基于插件的 C2 服务器框架。其目标不是取代某些强大的工具（例如 Empire、Metasploit、CobaltStrike），而是创建一个支持框架，以便为自定义 agents 快速创建小型、专用的 handlers
• [33星][3m] tom4t0/cobalt-strike-persistence cobalt strike 自启动脚本
• [30星][5m] [C#] mr-un1k0d3r/remoteprocessinjection C# remote process injection utility for Cobalt Strike
• [29星][6m] redteamwing/cobaltstrike_wiki Cobalt Strike 3.12中文文档
• [27星][2m] johnnydep/cobaltstrike cobalt strike stuff I have gathered from around github
• [24星][21d] [HTML] ridter/cs_custom_404 Cobalt strike custom 404 page
• [22星][5m] [Py] k8gege/pyladon Ladon For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability / exploit / detection / MS17010
• [19星][2m] icebearfriend/quickrundown Smart overlay for Cobalt Strike PS function
• [17星][4m] [Py] attactics/cslogwatch Cobalt Strike log state tracking, parsing, and storage
• [14星][2m] [TS] hattmo/c2profilejs Web UI for creating C2 profiles for Cobalt Strike
• [9星][2y] [Zeek] sjosz/cnc-detection Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
• [3星][3m] [Shell] war-horse/docker-cobaltstrike A Cobaltstrike container, built for Warhorse
• [None星][C++] outflanknl/spray-ad A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
• [None星]hack2fun/bypassav Cobalt Strike插件，用于快速生成免杀的可执行文件
• [None星][PS] k8gege/powerladon Large Network Penetration Scanner & Cobalt Strike, Ladon for PowerShell, vulnerability / exploit / detection / MS17010

文章

• 2020.04 [venus] 渗透利器 Cobalt Strike 在野利用情况专题分析
• 2020.04 [t00ls] CobaltStrike Powershell Bypass AV 初探
• 2020.04 [securelist] Loncom packer: from backdoors to Cobalt Strike
• 2020.03 [freebuf] Cobalt Strike折腾踩坑填坑记录
• 2020.03 [venus] Cobalt Strike 4.0 手册——献给渗透测试人员的先进威胁战术
• 2020.03 [cobaltstrike] Cobalt Strike joins Core Impact at HelpSystems, LLC
• 2020.02 [freebuf] 精品公开课｜CobaltStrike基础到进阶
• 2020.01 [malware] 2020-01-21 - HANCITOR INFECTION WITH COBALT STRIKE
• 2020.01 [freebuf] 内网渗透实验：基于Cobaltstrike的一系列实验
• 2019.12 [4hou] Cobalt Strike的blockdlls利用分析
• 2019.12 [malware] 2019-12-10 - DATA DUMP: HANCITOR INFECTION WITH URSNIF AND COBALT STRIKE
• 2019.12 [cobaltstrike] Cobalt Strike 4.0 – Bring Your Own Weaponization
• 2019.11 [ColinHardy] Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
• 2019.11 [3gstudent] Cobalt Strike的blockdlls利用分析
• 2019.11 [ironcastle] Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike, (Wed, Nov 20th)
• 2019.11 [aliyun] Cobaltstrike Server持久化 & Cobaltstrike与Metasploit相互派生shell
• 2019.09 [aliyun] 细说Cobalt Strike进程注入
• 2019.09 [aliyun] CobaltStrike插件开发官方指南 Part3
• 2019.09 [aliyun] CobaltStrike插件开发官方指南 Part3
• 2019.08 [cobaltstrike] Cobalt Strike’s Process Injection: The Details
• 2019.08 [freebuf] 利用CobaltStrike捆绑后门的艺术
• 2019.08 [blackhillsinfosec] Using CloudFront to Relay Cobalt Strike Traffic
• 2019.08 [aliyun] CobaltStrike插件开发官方指南 Part2
• 2019.08 [aliyun] CobaltStrike插件开发官方指南 Part1
• 2019.08 [aliyun] 初探CobaltStrike权限维持及其自动化
• 2019.08 [4hou] 捆绑后门的艺术--CobaltStrike backdoor分析
• 2019.07 [malware] 2019-07-22 - HANCITOR-STYLE AMADEY MALSPAM PUSHES PONY & COBALT STRIKE
• 2019.07 [malware] 2019-07-22 - HANCITOR SWITCHES TO AMADEY, STILL PUSHING PONY/URSNIF/COBALT STRIKE
• 2019.07 [malware] 2019-07-03 - QUICK POST: HANCITOR INFECTION WITH COBALT STRIKE
• 2019.07 [malware] 2019-07-02 - QUICK POST: HANCITOR INFECTION WITH COBALT STRIKE
• 2019.06 [evi1cg] Cobalt Strike Spear Phish
• 2019.05 [rsa] Detecting Command and Control in RSA NetWitness: Cobalt Strike
• 2019.05 [cobaltstrike] Cobalt Strike 3.14 – Post-Ex Omakase Shimasu
• 2019.04 [pentestpartners] Cobalt Strike. Walkthrough for Red Teamers
• 2019.04 [4hou] 渗透测试神器Cobalt Strike的“双面间谍”身份分析
• 2019.02 [aliyun] 渗透利器Cobalt Strike - 第2篇 APT级的全面免杀与企业纵深防御体系的对抗
• 2019.02 [obscuritylabs] Installing CobaltStrike on Ubuntu 18.04
• 2019.02 [obscuritylabs] Installing CobaltStrike on Ubuntu 18.04
• 2019.02 [4hou] 使用Cobalt Strike和Gargoyle绕过杀软的内存扫描
• 2019.01 [xpnsec] How to Argue like Cobalt Strike
• 2019.01 [cobaltstrike] Cobalt Strike 3.13 – Why do we argue?
• 2018.11 [olafhartong] Cobalt Strike Remote Threads detection
• 2018.09 [crowdstrike] Meet CrowdStrike’s Adversary of the Month for September: COBALT SPIDER
• 2018.09 [cobaltstrike] Cobalt Strike 3.12 – Blink and you’ll miss it
• 2018.08 [freebuf] 一起来看看Cobaltstrike和Armitage联动能达到什么效果
• 2018.07 [f] Bypassing Memory Scanners with Cobalt Strike and Gargoyle
• 2018.07 [mwrinfosecurity] 利用 Cobalt Strike 和 Gargoyle 绕过内存扫描器
• 2018.04 [cobaltstrike] Cobalt Strike 3.11 – The snake that eats its tail
• 2018.04 [4hou] 【更新】Cobalt strike3.8 中文支持
• 2018.04 [evi1cg] Cobalt strike3.8 中文支持(Update)
• 2018.03 [360] Cobalt Strike：使用混淆技术绕过Windows Defender
• 2018.03 [aliyun] Cobalt Strike——利用混淆处理绕过Windows Defender
• 2018.03 [aliyun] 【软件安全】Patch Cobalt Strike3.8 去除后门并修补功能
• 2018.03 [] Cobalt Strike Visualizations
• 2018.03 [offensiveops] 使用混淆绕过Windows Defender
• 2018.03 [360] Cobalt Strike中DNS隐蔽隧道的利用，以及使用DLP进行检测
• 2018.01 [4hou] cobalt strike OPSEC配置文件简介
• 2018.01 [bluescreenofjeff] Cobalt Strike OPSEC Profiles
• 2017.12 [freebuf] Cobalt Strike实战技巧持久性权限控制姿势
• 2017.12 [cobaltstrike] Cobalt Strike 3.10 – Хакер vs. 肉雞
• 2017.12 [threatexpress] Slack Notifications for Cobalt Strike
• 2017.12 [blackhillsinfosec] A Morning with Cobalt Strike & Symantec
• 2017.11 [riskiq] Gaffe Reveals Full List of Targets in Spear Phishing Attack Using Cobalt Strike Against Financial Institutions
• 2017.11 [fortinet] Cobalt Malware Strikes Using CVE-2017-11882 RTF Vulnerability
• 2017.11 [fortinet] FortiGuard Labs 发现利用 RTF 漏洞 CVE-2017-11882 攻击的恶意软件
• 2017.11 [trendmicro] 黑客组织 Cobalt 利用 CVE-2017-8759漏洞攻击俄国银行
• 2017.10 [secvul] Metasploit和Cobalt Strike的四种联动场景
• 2017.10 [360] 如何利用Office 365的任务功能搭建Cobalt Strike C2通道
• 2017.09 [rsa] Malspam delivers Cobalt Strike payload 9-19-2017
• 2017.09 [mwrinfosecurity] “Tasking” Office 365 for Cobalt Strike C2
• 2017.09 [cobaltstrike] Cobalt Strike 3.9 – Livin’ in a Stager’s Paradise
• 2017.09 [evi1cg] cobaltstrike3.8 破解版
• 2017.06 [vkremez] Let's Learn (DIY): Sophisticated Cobalt Strike Gang's CVE-2017-0199 Loader
• 2017.05 [cobaltstrike] Cobalt Strike 3.8 – Who’s Your Daddy?
• 2017.05 [freebuf] Cobalt Strike学习笔记（持续更新）
• 2017.04 [ecforce] CVE-2017-0199 exploitation with Cobalt Strike tutorial
• 2017.04 [trustedsec] Equation Group Dump Analysis and Full RCE on Win7 on MS17-010 with Cobalt Strike
• 2017.04 [aliyun] Cobalt Strike搭建和使用以及bybass杀软
• 2017.03 [cobaltstrike] Cobalt Strike 3.7 – Cat, Meet Mouse
• 2017.03 [freebuf] Cobalt Strike内网穿梭之如何在互联网中建立一个属于自己的Cobalt Strike服务器
• 2017.02 [zairon] From RTF to Cobalt Strike passing via Flash
• 2017.01 [freebuf] Cobalt strike在内网渗透中的使用
• 2017.01 [inspired] WMI Persistence with Cobalt Strike
• 2017.01 [freebuf] 利用Cobalt strike一步步教你发送钓鱼邮件
• 2017.01 [freebuf] 提权利器Cobalt Strike发布3.6版本
• 2016.12 [evi1cg] cobaltstrike3.6 破解版
• 2016.12 [cobaltstrike] Cobalt Strike 3.6 – A Path for Privilege Escalation
• 2016.12 [threatexpress] Slack Notifications for Cobalt Strike
• 2016.10 [cobaltstrike] Cobalt Strike Tapas II
• 2016.10 [cobaltstrike] Cobalt Strike 3.5.1 – Important Security Update
• 2016.09 [cobaltstrike] Cobalt Strike RCE. Active Exploitation Reported.
• 2016.09 [cobaltstrike] Cobalt Strike 3.5 – UNIX Post Exploitation
• 2016.09 [cobaltstrike] Cobalt Strike Tapas
• 2016.07 [cobaltstrike] Cobalt Strike 3.4 – Operational Details
• 2016.07 [cobaltstrike] HOWTO: Reset Your Cobalt Strike License Key
• 2016.06 [bluescreenofjeff] Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite
• 2016.05 [freebuf] CobaltStrike最新版完美破解方法
• 2016.01 [evi1cg] 强化你的Cobalt strike之Cortana
• 2015.12 [freebuf] 在Kali 2.0下安装破解最新版Cobalt Strike
• 2015.11 [evi1cg] Cobalt strike3.0使用手册
• 2015.10 [tan6600] Kali 2.0 安装 Cobalt Strike
• 2015.09 [] 科普：一条语句破解Cobaltstrike
• 2015.08 [freebuf] 如何制作Cobalt Strike v2.5破解版
• 2015.01 [freebuf] 自动化攻击测试平台Cobalt Strike v2.3破解版
• 2014.09 [freebuf] 自动化攻击测试平台Cobalt Strike v2.1（破解版）
• 2014.08 [freebuf] 自动化攻击测试平台Cobalt Strike 2.0.49破解版
• 2014.01 [security] Four Days with Cortana Script Engine - Cobalt Strike/Armitage
• 2013.12 [security] Three Days with Cortana Script Engine - Cobalt Strike/Armitage
• 2013.12 [security] Cobalt Strike Report Hosts Mod
• 2013.12 [security] Two Days with Cortana Script Engine - Cobalt Strike/Armitage
• 2013.12 [security] One Day with Cortana Script Engine - Cobalt Strike/Armitage
• 2013.12 [freebuf] 自动化攻击测试平台Cobalt Strike 1.48破解版
• 2013.11 [freebuf] 关于”windows 2008如何安装Cobalt Strike”的一些想法
• 2013.11 [freebuf] windows 2008如何安装Cobalt Strike
• 2013.08 [freebuf] Cobalt Strike Windows版破解
• 2013.04 [freebuf] Cobalt Strike—Armitage商业版
• 2012.08 [toolswatch] Blackhat USA 2012: Interview with Raphael Mudge about Armitage (Also Introducing CobaltStrike)

贡献

内容为系统自动导出, 有任何问题请提issue