AggressorScripts - Collection Of Aggressor Scripts For Cobalt Strike 3.0+ Pulled From Multiple Sources

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources:

  • All_In_One.cna v1 - Removed and outdated
    • All-purpose script to enhance the user's experience with Cobalt Strike: custom menu creation, logging, persistence, enumeration, and third-party script integration.
    • Version 2 is currently in development!
  • ArtifactPayloadGenerator.cna
    • Generates every type of stageless/staged payload based on an HTTP/HTTPS listener
    • Creates /opt/cobaltstrike/Staged_Payloads and /opt/cobaltstrike/Stageless_Payloads
  • AVQuery.cna
    • Queries the registry with PowerShell for all AV installed on the target
    • Quick and easy way to get the AV you are dealing with as an attacker

  • CertUtilWebDelivery.cna
    • Stageless Web Delivery using CertUtil.exe
    • Powerpick is used to spawn certutil.exe to download the stageless payload on the target and execute it with rundll32.exe

  • RedTeamRepo.cna
    • A common collection of OS commands and Red Team tips for when you have no Google or RTFM on hand.
    • The script will be updated on occasion; feedback and more input are welcome!

  • ProcessColor.cna
