Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → josephkingstone → Cobalt_strike_extension_kit

josephkingstone / Cobalt_strike_extension_kit

Licence: gpl-3.0

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Programming Languages

5483 projects

Labels

pentesting redteam

Projects that are alternatives of or similar to Cobalt strike extension kit

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Stars: ✭ 131 (-62.03%)

Mutual labels: pentesting, redteam

Tactics, Techniques, and Procedures

Stars: ✭ 335 (-2.9%)

Mutual labels: pentesting, redteam

🚀 Fast Port Scanner 🚀

Stars: ✭ 134 (-61.16%)

Mutual labels: pentesting, redteam

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Stars: ✭ 123 (-64.35%)

Mutual labels: pentesting, redteam

NewNtdllBypassInlineHook CSharp

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Stars: ✭ 35 (-89.86%)

Mutual labels: pentesting, redteam

Awesome Mobile Security

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Stars: ✭ 1,837 (+432.46%)

Mutual labels: pentesting, redteam

Passwords Recovery Tool

Stars: ✭ 164 (-52.46%)

Mutual labels: pentesting, redteam

Automation for internal Windows Penetrationtest / AD-Security

Stars: ✭ 1,303 (+277.68%)

Mutual labels: pentesting, redteam

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Stars: ✭ 227 (-34.2%)

Mutual labels: pentesting, redteam

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Stars: ✭ 191 (-44.64%)

Mutual labels: pentesting, redteam

Information Security Tasks

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Stars: ✭ 108 (-68.7%)

Mutual labels: pentesting, redteam

OSINT

Stars: ✭ 322 (-6.67%)

Mutual labels: pentesting, redteam

DeepSea Phishing Gear

Stars: ✭ 96 (-72.17%)

Mutual labels: pentesting, redteam

Redteam Tactics And Techniques

Red Teaming Tactics and Techniques

Stars: ✭ 2,190 (+534.78%)

Mutual labels: pentesting, redteam

mosquito - Automating reconnaissance and brute force attacks

Stars: ✭ 95 (-72.46%)

Mutual labels: pentesting, redteam

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Stars: ✭ 162 (-53.04%)

Mutual labels: pentesting, redteam

Pentesting Cookbook

A set of recipes useful in pentesting and red teaming scenarios

Stars: ✭ 82 (-76.23%)

Mutual labels: pentesting, redteam

The Collective. A repo for a collection of red-team projects found mostly on Github.

Stars: ✭ 85 (-75.36%)

Mutual labels: pentesting, redteam

Oscp Pentest Methodologies

备考 OSCP 的各种干货资料/渗透测试干货资料

Stars: ✭ 166 (-51.88%)

Mutual labels: pentesting, redteam

Awesome cloud enumerator

Stars: ✭ 268 (-22.32%)

Mutual labels: pentesting, redteam

View All Similar Projects ➔

cobalt_strike_extension_kit

Looking for an all in one for a lot of current tradecraft? Clone this.

I do not take credit for most of this work. A lot of this work was influenced by Outflank, Specter Ops (0xThirteen) Mainly, and seeing other Aggressor Script Repositories. The purpose of this was to aggregate Cobalt Strike supplements used during engagements.

For OPSec, you may want to provide your own binaries. The binaries provided may get flagged by A/V, but do work in lower maturity environments and Certification lab environments.

06/25/2020 - Added more tradecraft and made Extension Kit more workflow driven. Some items are mapped to Mitre - will expand on this in the future.

To-Do

Continue Expanding, try to implement more Offense In Depth e.g., multiple ways to do one thing.

With Offense In Depth, add items that reflect low security maturity and items that reflect higher level maturity to gauge clients. Also may be useful in purple team engagements when using various forms of tradecraft for example - kerberoast with powershell and kerberoast with rubeus

Improve Mitre Mapping to items

Usage
cd /opt/
git clone https://github.com/josephkingstone/cobaltstrike_extension_kit.git
Go to cobalt strike's script manager and load csek.cna

https://github.com/GhostPack/Seatbelt
https://github.com/eladshamir/Internal-Monologue
https://github.com/djhohnstein/SharpWeb
https://github.com/BloodHoundAD/SharpHound
https://github.com/Kevin-Robertson/InveighZero
https://github.com/anthemtotheego/SharpExec
https://github.com/fireeye/SharPersist
https://github.com/rvrsh3ll/SharpCOM
https://github.com/rvrsh3ll/SharpPrinter
https://github.com/rvrsh3ll/SharpFruit
https://github.com/rvrsh3ll/SharpExcel4-DCOM
https://github.com/fireeye/ADFSDump
https://github.com/matterpreter/OffensiveCSharp
https://github.com/tevora-threat/SharpView
https://github.com/HunnicCyber/SharpDomainSpray
https://github.com/HunnicCyber/SharpSniper
https://github.com/GhostPack/Seatbelt
https://github.com/GhostPack/Seatbelt
https://github.com/GhostPack/SharpUp
https://github.com/GhostPack/SafetyKatz
https://github.com/GhostPack/SharpWMI
https://github.com/FSecureLABS/SharpGPOAbuse
https://github.com/GhostPack/SharpDPAPI
https://github.com/0xthirteen/CleanRunMRU
https://github.com/0xthirteen/SharpRDP
https://github.com/Pickfordmatt/SharpLocker
https://github.com/djhohnstein/SharpSearch
https://github.com/slyd0g/SharpClipboard
https://github.com/outflanknl/Zipper
https://github.com/P1CKLES/SharpBox
https://github.com/rasta-mouse/Watson
https://github.com/slyd0g/SharpClipboard

These Tools are not C#, but need to be incorporated into toolset

https://github.com/outflanknl/Spray-AD
https://github.com/outflanknl/Recon-AD
https://github.com/0x09AL/RdpThief
https://github.com/outflanknl/Ps-Tools

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 345

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (2) 🔗