Red Teaming and Malware Analysis

About
Red Teaming
Cheat Sheet
Active Directory 101
Fuzzing and Web
Initial Foothold
- Browser In The Browser (BITB) Attack
- Phishing with Office
  - Weaponizing XLM 4.0 macros
Privilege Escalation (Privesc)
Lateral Movement (Pivoting)
- From Windows VPN + Kali VPN + DC
  - By using Proxifier
Persistence
Command and Control (C&C)
- CobaltStrike 101
Data Exfiltration
- Extracting certs/private keys from Windows using mimikatz and intercepting calls with burpsuite
CVE & Exploits / CTF
Tools
Resources
Pwnage
Malware Analysis
Unpacking
Basic tips
Malware instrumentation with frida
Tools
Resources
Mobile
IoT / Reverse / Firmware

Powered by GitBook

On this page

C2 Malleable Profiles
Aggressor Scripts

Was this helpful?

Command and Control (C&C)

CobaltStrike 101

Extras + Plugins

PreviousPivoting DMZ: weevely + ngrok + CS Pivot COMBO via Linux NextResources

Last updated 3 years ago

Was this helpful?

C2 Malleable Profiles

Aggressor Scripts

GitHub - threatexpress/random_c2_profile: Cobalt Strike random C2 Profile generatorGitHub

GitHub - xx0hcd/Malleable-C2-Profiles: Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.GitHub

GitHub - 0xthirteen/MoveKit: Cobalt Strike kit for Lateral MovementGitHub

GitHub - Porchetta-Industries/pyMalleableC2: Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.GitHub

GitHub - bitsadmin/fakelogonscreen: Fake Windows logon screen to steal passwordsGitHub

GitHub - sec-consult/aggrokatz: Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.GitHub

https://github.com/pandasec888/taowu-cobalt-strike/tree/englishgithub.com

GitHub - Cobalt-Strike/sleep_python_bridge: This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing and is in no way an officially support feature. Perhaps this could be something added in the future to the core product.GitHub

GitHub - harleyQu1nn/AggressorScripts: Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sourcesGitHub

GitHub - zer0yu/Awesome-CobaltStrike: cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike ResourcesGitHub