A beacon generator using Cobalt Strike and a variety of tools.

Last update: Dec 17, 2022

Related tags

Overview

Beaconator

Beaconator is an aggressor script for Cobalt Strike used to generate either staged or stageless shellcode and packing the generated shellcode using your tool of choice.

Currently, it supports the following tools:

Staged Beacon Generator

Alaris

Stageless Beacon Generator

How to Use

Beaconator

Load the beaconator.cna file via Cobalt Strike > Script Manager.
Access Beaconator from the menu bar by clicking the Generate Beacon menu.

Staged Beacon Generator

Alaris

Clone the repo.

git clone https://github.com/cribdragg3r/Alaris.git

Open beaconator.cna and change the value of the $ALARIS_DIR variable and point it to where Alaris is located.

Stageless Beacon Generator

PEzor

Install PEzor using the following:

git clone https://github.com/phra/PEzor.git
cd PEzor
./install.sh

Add PEzor's $PATH variable in your ~/.profile or ~/.bashrc (if using Bash), OR ~/.zprofile or ~/.zshrc (if using ZSH).

ScareCrow

Install the dependencies.

sudo apt update -y && sudo apt install -y openssl osslsigncode mingw-w64
go get github.com/fatih/color
go get github.com/yeka/zip
go get github.com/josephspurrier/goversioninfo

Clone the repo and build ScareCrow.

git clone https://github.com/optiv/ScareCrow.git
cd ScareCrow
go build ScareCrow.go

Open beaconator.cna and change the value of the $SCARECROW_DIR variable and point it to where ScareCrow is located.

Screenshots

Beaconator

Alaris

PEzor

ScareCrow

Credits

@JFaust_ for developing Alaris.
@phraaaaaaa for developing PEzor.
@Tyl0us for developing ScareCrow.

Comments

null value error - Not fixed

The issue is not fixed by creating the folder output. See below:

Executing: PEzor.sh -64 -unhook -antidebug -shellcode -format=exe /home/simon.davies/Cobalt_Strike_Aggressor_Scripts/Beaconator/output/shellcode.bin[10:31:56] null value error at beaconator.cna:140
bug

opened by Simon-Davies 4
options persist after payload creation

If I create a payload with an option like -unhook and -x64. It will correctly create the payload. However if I then create a payload with just -x64 and -sgn, the script console says Executing: PEzor.sh -64 -unhook -sgn -shellcode -format=exe. It is keeping the old option of -unhook when not selected(the only option I have seen that does not persist to the next generation attempt is -32). I have to reload the script after every payload generation in order to get the correct options again.
bug

opened by foehammer762 3
Null error

The shellcode is being correctly generated but not the binary/dll in the directoty ../output/pezor/shellcode.bin.

[*] Executing: PEzor -64 -unhook -antidebug -shellcode -format=dll /opt/tools/Beaconator/output/pezor/shellcode.bin[18:17:32] null value error at beaconator.cna:248

FYI : The command is working fine when I run it manually in a terminal.

opened by TH3xACE 2
null value error

When I try to create a payload using beaconater i get the folllowing error: null value error at beaconator.cna:140

I can then copy paste the whole command from the script console to the terminal and that works properly. I already installed pezor and updated the PATH variable.
Once I manually created the subfolder output and hard coded the full path to pezor, It is now creating the shellcode.bin file in the output folder but not creating the final payload even though it says Success beacon can be found at path/to/cna/output
bug

opened by foehammer762 2
Not sure if Bug??

null value error at beaconator.cna:243

Tried with x86 and x64 using PEZor. With and without Syscalls in case that made any difference.

Line 243 reads:

closef($process);

opened by 4r33d0m 1
Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

Added folder "output" and added .gitignore to ignore the generated payloads but keep the folder. This fixes the null value error. Added code to reset the options back to null so that you don't have to reload the cna script after every payload generation.

opened by foehammer762 0

Releases(2.0)

2.0(Aug 10, 2021)
Added Alaris for generating staged shellcode

Added ScareCrow for generating stageless shellcode

Created a helper script for ScareCrow

Categorized selection as Staged or Stageless

Added tool output subfolders

Source code(tar.gz)
Source code(zip)
1.1(Jul 23, 2021)
Fixed error check with the use of x86 arch & syscalls

Fixed the "null value error" due to missing output folder

Fixed issue with options persisting to subsequent payload generations

Added PEzor's BOF format

Added the -cleanup option for BOFs

Added the -sleep option

Added more error checks

Cleaned up the code

Source code(tar.gz)
Source code(zip)
1.0(Jul 19, 2021)

Source code(tar.gz)
Source code(zip)

Owner

Capt. Meelo

Infosec Noob

GitHub Repository

hey, this repo is the backend of the sociio project

sociio backend Hey, this repository is a part of sociio project , In this repo we are working to create an independent server for everything you can i

2 Jun 09, 2022

A C-like hardware description language (HDL) adding high level synthesis(HLS)-like automatic pipelining as a language construct/compiler feature.

██████╗ ██╗██████╗ ███████╗██╗ ██╗███╗ ██╗███████╗ ██████╗ ██╔══██╗██║██╔══██╗██╔════╝██║ ██║████╗ ██║██╔════╝██╔════╝ ██████╔╝██║██████╔╝█

391 Jan 01, 2023

GibMacOS - Py2/py3 script that can download macOS components direct from Apple

Py2/py3 script that can download macOS components direct from Apple Can also now build Internet Recovery USB installers from Windows using dd and 7zip

4.8k Jan 02, 2023

🎉 🎉 PyComp - Java Code compiler written in python.

🎉 🎉 PyComp Java Code compiler written in python. This is yet another compiler meant for babcock students project which was created using pure python

5 Nov 30, 2022

Repo created for the purpose of adding any kind of programs and projects

Programs and Project Repository A repository for adding programs and projects of any kind starting from beginners level to expert ones Contributing to

3 Nov 02, 2022

Unofficial Valorant documentation and tools for third party developers

Valorant Third Party Toolkit This repository contains unofficial Valorant documentation and tools for third party developers. Our goal is to centraliz

20 Dec 21, 2022

Writeup of NilbinSec's participation in the Winja CTF for c0c0n 2021

Winja-CTF-c0c0n-2021-Writeup NilbinSec's participation in the Winja CTF for c0c0n 2021 This repo covers NilbinSec's participation in the Winja CTF dur

1 Nov 15, 2021

An experimental Python-to-C transpiler and domain specific language for embedded high-performance computing

562 Dec 28, 2022

Python 3.9.4 Graphics and Compute Shader Framework and Primitives with no external module dependencies

pyshader Python 3.9.4 Graphics and Compute Shader Framework and Primitives with no external module dependencies Fully programmable shader model (even

1 Jan 11, 2022

Trusted sessions for falcon using itsdangerous.

Falcon signed sessions This project allows you to easily add trusted cookies to falcon, it works by storing a signed cookie in the client's browser us

1 Feb 08, 2022

Auto Join Zoom Meeting

Auto-Join-Zoom-Meeting Join a zoom meeting with out filling in meeting id's or passcodes, one button for it all! Setup See attached excel document. MA

1 Jan 25, 2022

objectfactory is a python package to easily implement the factory design pattern for object creation, serialization, and polymorphism

py-object-factory objectfactory is a python package to easily implement the factory design pattern for object creation, serialization, and polymorphis

6 Dec 14, 2022

A beacon generator using Cobalt Strike and a variety of tools.

Related tags

Overview

Beaconator

How to Use

Beaconator

Staged Beacon Generator

Alaris

Stageless Beacon Generator

PEzor

ScareCrow

Screenshots

Beaconator

Alaris

PEzor

ScareCrow

Credits

Comments

null value error - Not fixed

options persist after payload creation

Null error

null value error

Not sure if Bug??

Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

Releases(2.0)

2.0(Aug 10, 2021)

1.1(Jul 23, 2021)

1.0(Jul 19, 2021)

Owner

Capt. Meelo

hey, this repo is the backend of the sociio project

A C-like hardware description language (HDL) adding high level synthesis(HLS)-like automatic pipelining as a language construct/compiler feature.

GibMacOS - Py2/py3 script that can download macOS components direct from Apple

🎉 🎉 PyComp - Java Code compiler written in python.

Repo created for the purpose of adding any kind of programs and projects

Unofficial Valorant documentation and tools for third party developers

Writeup of NilbinSec's participation in the Winja CTF for c0c0n 2021

An experimental Python-to-C transpiler and domain specific language for embedded high-performance computing

Python 3.9.4 Graphics and Compute Shader Framework and Primitives with no external module dependencies

Trusted sessions for falcon using itsdangerous.

Auto Join Zoom Meeting

objectfactory is a python package to easily implement the factory design pattern for object creation, serialization, and polymorphism

This is a Python 3.10 port of mock, a library for manipulating human-readable message strings.

News-app - This is a news web app for reading news from different sources and topics

Python library to natively send files to Trash (or Recycle bin) on all platforms.

The fastest way to copy to (not from) high speed flash storage.

Bots in moderation and a game (for now)

Wordle is fun, so let's ruin it with computers.

Use `forge` and `cast` commands in Python scripts

Insert a Spotify Playlist, Get a list of YouTube URLs from it.