Skip to content
A collection of useful scripts for Cobalt Strike
Branch: master
Clone or download
Latest commit 2e969ea Jul 19, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
ElevateKit @ f576288
dcom_lateral_movement.cna Added beacon log visualization (requested by @r3dQu1nn). Mar 22, 2018
powershell.cna Updated ElevateKit with new UAC-TokenMagic exploit, removed unused me… Jul 13, 2017


A collection of useful scripts for Cobalt Strike

This repository will contain all the aggressor scripts that I feel are useful enough to warrant making public.

powershell.cna is a script to import and run some commonly used Powershell tools via a Beacon menu or from the Beacon console.

bot.cna is a little chat bot for the Cobalt Strike event log. Commands include !ping, !beacons, !listeners, !elevate, !screenshot, !downloadstring and !psexec. NOTE: This is intended to be run headless (with ./agscript).

dcom_lateral_movement.cna is an implementation of enigma0x3's research into code execution via DCOM.

ElevateKit is forked from rsmudge, and I've added right click menu options for the privilege escalation techniques included in ElevateKit.

You can’t perform that action at this time.