Code and yara rules to detect and analyze Cobalt Strike

Last update: Jan 04, 2023

Related tags

Miscellaneous cobaltstrike

Overview

Cobalt Strike Resources

This repository contains:

analyze.py: a script to analyze a Cobalt Strike beacon (python analyze.py BEACON)
extract.py; extract a beacon from an encrypted beacon
lib.py: library containing functions for the other scripts
output.csv : CSV file containing CS servers identified online in Dec 2020
rules.yar: Yara rules for CS beacons
scan_list.py: script to scan a list of servers (python scan_list.py FILE)
scan.py : script to scan a server (python scan.py IP)

You can see my blog post Analyzing Cobalt Strike for Fun and Profit for more information.

Credits : Amnesty Tech

Owner

Tek

Hacking things here and there, mostly threat intel, osint, malware analysis and human rights

GitHub Repository

The dynamic code loading framework used in LocalStack

localstack-plugin-loader localstack-plugin-loader is the dynamic code loading framework used in LocalStack. Install pip install localstack-plugin-load

5 Oct 09, 2022

tidevice can be used to communicate with iPhone device

h 该工具能够用于与iOS设备进行通信, 提供以下功能截图获取手机信息 ipa包的安装和卸载根据bundleID 启动和停止应用列出安装应用信息模拟Xcode运行XCTest，常用的如启动WebDriverAgent测试

1.8k Dec 30, 2022

Design-by-contract in Python3 with informative violation messages and inheritance

icontract icontract provides design-by-contract to Python3 with informative violation messages and inheritance. It also gives a base for a flourishing

275 Jan 02, 2023

Parametric Bottle in CADQuery

Parametric Bottle using CADQuery The proposed code makes it possible to generate different types and sizes of 3D bottles in order to train Pixel2mesh

1 May 22, 2022

Online HackerRank problem solving challenges

LinkedListHackerRank Online HackerRank problem solving challenges This challenge is part of a tutorial track by MyCodeSchool You are given the pointer

1 Nov 21, 2021

Swubcase - The shitty programming language

What is Swubcase? Swubcase is easy-to-use programming language that can fuck you

5 Jun 19, 2022

Easily Generate Revolut Business Cards

RevBusinessCardGen Easily Generate Revolut Business Cards Prerequisites Before you begin, ensure you have met the following requirements: You have ins

35 Dec 14, 2022

Custom component to calculate estimated power consumption of lights and other appliances

Custom component to calculate estimated power consumption of lights and other appliances. Provides easy configuration to get virtual power consumption sensors in Home Assistant for all your devices w

552 Dec 28, 2022

Buildium-to-stessa - Automation to assist in converting Buildium transactions into Stessa format

Buildium Transactions - Stessa Transactions There is currently no third-party i

4 Apr 17, 2022

An Notifier Program that Notifies you to relax your eyes Every 15 Minutes👀

Every 15 Minutes ⌛ Every 15 Minutes is an application that is used to Notify you to Relax your eyes Every 15 Minutes, This is fully made with Python a

2 Oct 18, 2021

A New, Interactive Approach to Learning Python

This is the repository for The Python Workshop, published by Packt. It contains all the supporting project files necessary to work through the course from start to finish.

231 Dec 26, 2022

This is a menu driven Railway Reservation Project which is mainly based on the python-mysql connectivity.

Online-Railway-Reservation-System This is a menu driven Railway Reservation Project which is mainly based on the python-mysql connectivity. The projec

1 Jan 09, 2022

Islam - This is a simple python script.In this script I have written all the suras of Al Quran. As a result, by using this script, you can know the number of any sura at the moment.

Introduction: If you want to know sura number of al quran by just typing the name of sura than you can use this script. Usage in termux: $ pkg install

1 Jan 02, 2022