Skip to content

harleyQu1nn/AggressorScripts

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
3 branches 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
DriverSearcher
Updated for CrowdStrike
August 21, 2019 16:15
Logging
Added Newer Symantec processes
November 7, 2017 12:13
Persistence
escape backslashes
October 27, 2020 15:36
AVQuery.cna
Fixed line 21 errors and added a pause for execution
March 15, 2018 13:28
All_In_One.cna
Remaking this completely, keep an eye out for v2 :)
February 9, 2018 12:22
ArtifactPayloadGenerator.cna
Updated and Fixed for CS 4.0
August 12, 2020 11:10
CertUtilWebDelivery.cna
Updated script to use PowerPick thanks @424f424f!
September 1, 2017 23:05
EDR.cna
Fixed a bunch of syntax + logic errors
June 26, 2023 08:16
ProcessColor.cna
Added Cybereason processes
October 23, 2019 10:40
ProcessMonitor.cna
Add files via upload
October 12, 2017 14:58
ProcessMonitor.ps1
Add files via upload
October 12, 2017 14:58
README.md
Update README.md
May 2, 2023 15:49
RedTeamRepo.cna
Update RedTeamRepo.cna
September 4, 2017 05:40
SMBPayloadGenerator.cna
SMB Artifact Payload Generator
October 24, 2018 13:20
logvis.cna
Added in real time updating
March 22, 2018 21:00

README.md

Aggressor Scripts

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

  • All_In_One.cna v1 - Removed and outdated

    • All purpose script to enhance the user's experience with cobaltstrike. Custom menu creation, Logging, Persistence, Enumeration, and 3rd party script integration.
    • Version 2 is currently in development!

  • ArtifactPayloadGenerator.cna

    • Generates every type of Stageless/Staged Payload based off a HTTP/HTTPS Listener

    • Creates /opt/cobaltstrike/Staged_Payloads, /opt/cobaltstrike/Stageless_Payloads

  • AVQuery.cna

    • Queries the Registry with powershell for all AV Installed on the target

    • Quick and easy way to get the AV you are dealing with as an attacker

    av

  • CertUtilWebDelivery.cna

    • Stageless Web Delivery using CertUtil.exe

    • Powerpick is used to spawn certutil.exe to download the stageless payload on target and execute with rundll32.exe

    certutil2

  • EDR.cna

    • Detects EDR solutions running on local/remote hosts

  • RedTeamRepo.cna

    • A common collection of OS commands, and Red Team Tips for when you have no Google or RTFM on hand.

    • Script will be updated on occasion, feedback and more inputs are welcomed!

    redrepo

  • ProcessColor.cna

    process

About

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

Topics

scripts cobalt-strike aggressor-scripts red-team cna aggressor

Resources

Readme
Activity

Stars

1.4k stars

Watchers

71 watching

Forks

308 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 6

Languages