Code and yara rules to detect and analyze Cobalt Strike

Last update: Jan 04, 2023

Related tags

Miscellaneous cobaltstrike

Overview

Cobalt Strike Resources

This repository contains:

analyze.py: a script to analyze a Cobalt Strike beacon (python analyze.py BEACON)
extract.py; extract a beacon from an encrypted beacon
lib.py: library containing functions for the other scripts
output.csv : CSV file containing CS servers identified online in Dec 2020
rules.yar: Yara rules for CS beacons
scan_list.py: script to scan a list of servers (python scan_list.py FILE)
scan.py : script to scan a server (python scan.py IP)

You can see my blog post Analyzing Cobalt Strike for Fun and Profit for more information.

Credits : Amnesty Tech

Owner

Tek

Hacking things here and there, mostly threat intel, osint, malware analysis and human rights

GitHub Repository

An extensive password manager built using Python, multiple implementations. Something to meet everyone's taste.

An awesome open-sourced password manager! Explore the docs » View Demo · Report Bug · Request Feature 🐍 Python Password Manager 🔐 An extensive passw

7 Sep 28, 2021

A Linux webcam plugin for BGMv2 as used in our demos.

The goal of this repository is to supplement the main Real-Time High Resolution Background Matting repo with a working demo of a videoconferencing plu

144 Dec 27, 2022

A wide AOI generator tool.

Dark Generator A wide AOI generator tool. Information Installation To Install you have to have python 3.x and pip installed on your system. If you hav

12 Dec 26, 2022

A numbers extract from string python package

Made with Python3 (C) @FayasNoushad Copyright permission under MIT License License - https://github.com/FayasNoushad/Numbers-Extract/blob/main/LICENS

4 Nov 28, 2021

LPCV Winner Solution of Spring Team

22 Jul 20, 2022

1cak - An Indonesian web that provide lot of fun.

An unofficial API of 1cak.com 1cak - An Indonesian web that provide lot of fun. Endpoint Lol - 10 Recent stored posts on database Example: https://on

5 Sep 27, 2022

A performant state estimator for power system

A state estimator for power system. Turbocharged with sparse matrix support, JIT, SIMD and improved ordering.

9 Dec 12, 2022

python scripts - mostly automation scripts

python python scripts - mostly automation scripts You can set your environment in various ways bash #!/bin/bash python - locally on remote host #!/bi

1 Jan 05, 2022

🦕 Compile Deno executables and compress them for all platforms easily

Denoc Compile Deno executables and compress them for all platforms easily. Install You can install denoc from PyPI like any other package: pip install

8 Apr 04, 2022

Python Programming Bootcamp

python-bootcamp Python Programming Bootcamp Begin: 27th August 2021 End: 8th September 2021 Registration deadline: 22nd August 2021 Fees: No course or

11 Oct 19, 2022

Osintgram by Datalux but i fixed some errors i found and made it look cleaner

OSINTgram-V2 OSINTgram-V2 is made from Osintgram which is made by Datalux originally but i took the script and fixed some errors i found and made the

2 Feb 02, 2022

[Cython] Vs [Python] Which one is Faster ?

[Cython] Vs [Python] ? Attractive Contrast :) Mission : Which one is Faster ? Comparing of Execution runtime for [Selection_sort] with Time Complexity

1 Dec 05, 2021

Library for managing git hooks

Autohooks Library for managing and writing git hooks in Python. Looking for automatic formatting or linting, e.g., with black and pylint, while creati

165 Dec 16, 2022

Python Cheat Sheet

Introduction Pysheeet was created with intention of collecting python code snippets for reducing coding hours and making life easier and faster. Any c

7.5k Dec 30, 2022

Open Source Repository for CFD Solvers

Background and Validation This wiki is built in Notion. Here are all the tips you need to contribute. General Background Flow over a cylinder The proj

1 Dec 30, 2021

Simple script with AminoLab to send ghost messages

1 Nov 22, 2021

Compress .dds file in ggpk to boost fps. This is a python rewrite of PoeTexureResizer.

PoeBooster Compress .dds file in ggpk to boost fps. This is a python rewrite of PoeTexureResizer. Setup Install ImageMagick-7.1.0. Download and unzip

3 Sep 30, 2022

This is a simple quizz which can ask user for login/register session, then consult to the Quiz interface.

SIMPLE-QUIZ- This is a simple quizz which can ask user for login/register session, then consult to the Quiz interface. By CHAKFI Ahmed MASTER SYSTEMES

1 Jan 10, 2022

TextColor - An easy to use Python library which allows you to make your terminal outputs more colorful and therefore easier to read and understand

This is an easy to use Python library which allows you to make your terminal out

1 Feb 05, 2022

In this project we will implement AirBnB clone using console

AirBnB Clone In this project we will implement AirBnB clone using console. Usage The shell should work like this

1 Feb 07, 2022