Using Go to implement CobaltStrike’s Beacon
This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY
How to play
.cobaltstrike.beacon_keys
.java -jar BeaconTool.jar
to convert java keystore to PEM format.cmd/config/config.go
(the RSA private key is not required, I wrote it in the code just for the record)export GOOS="darwin" && export GOARCH="amd64" && go build cmd/main.go
to compile an executable binary running on MacOS.4.0
to compile.master
supports CobaltStrike 4.1, currently available functions include: executing commands, uploading, downloading, file browser, switching the current working directory, and exiting the current process.Protocol analysis
To be continued, I will update as soon as I have time …
Todo
Support CobaltStrike 4.x
Fix the OS icon issue in session table
String encoding issue
_DarkRay@RedCore