Skip to content
A collection of useful scripts for Cobalt Strike
Branch: master
Clone or download
Latest commit 2e969ea Jul 19, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
ElevateKit @ f576288
visualizations
.gitmodules
README.md
bot.cna
custom_defaults.cna
dcom_lateral_movement.cna Added beacon log visualization (requested by @r3dQu1nn). Mar 22, 2018
download_screenshots.cna
http.cna
powershell.cna Updated ElevateKit with new UAC-TokenMagic exploit, removed unused me… Jul 13, 2017
web.cna

README.md

aggressor_scripts

A collection of useful scripts for Cobalt Strike

This repository will contain all the aggressor scripts that I feel are useful enough to warrant making public.

powershell.cna is a script to import and run some commonly used Powershell tools via a Beacon menu or from the Beacon console.

bot.cna is a little chat bot for the Cobalt Strike event log. Commands include !ping, !beacons, !listeners, !elevate, !screenshot, !downloadstring and !psexec. NOTE: This is intended to be run headless (with ./agscript).

dcom_lateral_movement.cna is an implementation of enigma0x3's research into code execution via DCOM. https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/ https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/

ElevateKit is forked from rsmudge, and I've added right click menu options for the privilege escalation techniques included in ElevateKit.

You can’t perform that action at this time.