Cobalt-Strike-Aggressor-Scripts

This repository is an offensive tool for Cobalt Strike Aggressor Scripts. It is a collection of PowerShell scripts that aggregate various UAC bypass methods, including the MS16-032, MS16-135, and WScript bypass attacks. The scripts are designed to be used with the Cobalt Strike framework to perfo...

Exploit for Use After Free in Adobe Flash_Player

CobaltStrike-Toolset Aggressor Script, Kit, Malleable C2 Profiles, External C2 and so on - Kits - ResourceKit - ExploitKit - Aggressor Script - chromedumpmimikatz.cna - nopowershell - SMBexecpsh Further Resources nopowershell smbexecpsh.cna CVE-2018-15982...

BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!

A proof-of-concept User-Defined Reflective Loader UDRL which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin | @s4ntiago...

aggressor-group.jp Cross Site Scripting vulnerability OBB-3883605

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Missing CSRF protection

Description Any user can Add Questions on FAQ section -- https://roy.demo.phpmyfaq.de/index.php?action=ask&categoryid=0 This section is vulnerable to CSRF. The aggressor can abuse this without prior knowledge of others'. The successful CSRF will send new questions from the victim's browser Captur...

StayKit - Cobalt Strike Kit For Persistence

StayKit is an extension for Cobalt Strike persistence by leveraging the executeassembly function with the SharpStay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a user will only need to load...

Inject-Assembly - Inject .NET Assemblies Into An Existing Process

This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...

Registry-Recon - Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon

Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon. Author: Jess Hires Description As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible. Some of our usual tooling for this...

MoveKit - Cobalt Strike Kit For Lateral Movement

Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the executeassembly function with the SharpMove and SharpRDP .NET assemblies. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a...

Exploit for Use After Free in Adobe Flash_Player

Awesome CobaltStrike 0x00 前言 1. 一部分是近期做RedTeam项目的时候看到的一些关于CobaltStrike不错的文章 2. 目前网上的Aggressor Script种类繁多，大多数资源的聚合都是只给出对应的链接，而不说明是干什么的，以至于在查看时不知道如何选择，要一个一个打开看 3. 关于新特性BOF资源的整合 4. 解决要用的时候找不到合适aggressor script或者BOF的问题 5. 如果有本repo没有涉及的优质内容，欢迎大家提交pr 0x01 相关文章合集 基础知识参考： 1. CobaltStrikewiki 2...

CSSG - Cobalt Strike Shellcode Generator

Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used to more easily generate and format beacon shellcode Generates beacon stageless shellcode with exposed exit method, additional formatting, encryption, encoding, compression, multiline...

RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking

RdpThief by itself is a standalone DLL that when injected in the mstsc.exe process, will perform API hooking, extract the clear-text credentials and save them to a file. An aggressor script accompanies it, which is responsible for managing the state, monitoring for new processes and injecting the...

AggressorScripts - Collection Of Aggressor Scripts For Cobalt Strike 3.0+ Pulled From Multiple Sources

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources: AllInOne.cna v1 - Removed and outdated All purpose script to enhance the user's experience with cobaltstrike. Custom menu creation, Logging, Persistence, Enumeration, and 3rd party script integration. Version 2 i...

aggressor-group.jp XSS vulnerability

Vulnerable URL:...

CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...

CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...

CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...