Skip to content

threatexpress/aggressor-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
beacon_handler
beacon_handler
 
 
beacon_webview
beacon_webview
 
 
wmi_msbuild
wmi_msbuild
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
enumerate.cna
enumerate.cna
 
 

Repository files navigation

Cobalt Strike Aggressor Scripts

Collection of Cobalt Strike Aggressor Scripts

enumerate.cna

Cobalt Strike Aggressor script function and alias to perform some rudimentary Windows host enumeration with Beacon built-in API-only commands.

Additionally, adds a basic enumerate alias for Linux based systems in SSH sessions.

wmi_msbuild

Extends Beacon's jump command by adding a wmi_msbuild option that uses remote WMI to create a new msbuild process and execute an XML file generated via python with encrypted Beacon stageless shellcode. See wmi_msbuild.cna for OPSEC notes and usage.

Adapted by @andrewchiles for CS 4.0+ jump and removed PowerLessShell requirement Original Authors: Alyssa (ramen0x3f), MrT__F version for PowerLessShell

About

Cobalt Strike Aggressor Scripts

Resources

Readme
Activity
Custom properties

Stars

139 stars

Watchers

6 watching

Forks

23 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages