A beacon generator using Cobalt Strike and a variety of tools.

Related tags

MiscellaneousBeaconator
Overview

Beaconator

release license issues stars forks

Beaconator is an aggressor script for Cobalt Strike used to generate either staged or stageless shellcode and packing the generated shellcode using your tool of choice.

Currently, it supports the following tools:

Staged Beacon Generator

Stageless Beacon Generator

How to Use

Beaconator

  1. Load the beaconator.cna file via Cobalt Strike > Script Manager.
  2. Access Beaconator from the menu bar by clicking the Generate Beacon menu.

Staged Beacon Generator

Alaris

  1. Clone the repo.
git clone https://github.com/cribdragg3r/Alaris.git
  1. Open beaconator.cna and change the value of the $ALARIS_DIR variable and point it to where Alaris is located.

Stageless Beacon Generator

PEzor

  1. Install PEzor using the following:
git clone https://github.com/phra/PEzor.git
cd PEzor
./install.sh
  1. Add PEzor's $PATH variable in your ~/.profile or ~/.bashrc (if using Bash), OR ~/.zprofile or ~/.zshrc (if using ZSH).

ScareCrow

  1. Install the dependencies.
sudo apt update -y && sudo apt install -y openssl osslsigncode mingw-w64
go get github.com/fatih/color
go get github.com/yeka/zip
go get github.com/josephspurrier/goversioninfo
  1. Clone the repo and build ScareCrow.
git clone https://github.com/optiv/ScareCrow.git
cd ScareCrow
go build ScareCrow.go
  1. Open beaconator.cna and change the value of the $SCARECROW_DIR variable and point it to where ScareCrow is located.

Screenshots

Beaconator

option-staged.png option-stageless.png

Alaris

alaris-options.png alaris-console.png

PEzor

pezor-options.png pezor-console.png

ScareCrow

scarecrow-options.png scarecrow-console.png

Credits

Comments
  • null value error - Not fixed

    null value error - Not fixed

    The issue is not fixed by creating the folder output. See below:

    Executing: PEzor.sh -64 -unhook -antidebug -shellcode -format=exe /home/simon.davies/Cobalt_Strike_Aggressor_Scripts/Beaconator/output/shellcode.bin[10:31:56] null value error at beaconator.cna:140

    bug 
    opened by Simon-Davies 4
  • options persist after payload creation

    options persist after payload creation

    If I create a payload with an option like -unhook and -x64. It will correctly create the payload. However if I then create a payload with just -x64 and -sgn, the script console says Executing: PEzor.sh -64 -unhook -sgn -shellcode -format=exe. It is keeping the old option of -unhook when not selected(the only option I have seen that does not persist to the next generation attempt is -32). I have to reload the script after every payload generation in order to get the correct options again.

    bug 
    opened by foehammer762 3
  • Null error

    Null error

    The shellcode is being correctly generated but not the binary/dll in the directoty ../output/pezor/shellcode.bin.

    [*] Executing: PEzor -64 -unhook -antidebug -shellcode -format=dll /opt/tools/Beaconator/output/pezor/shellcode.bin[18:17:32] null value error at beaconator.cna:248

    FYI : The command is working fine when I run it manually in a terminal.

    opened by TH3xACE 2
  • null value error

    null value error

    When I try to create a payload using beaconater i get the folllowing error: null value error at beaconator.cna:140

    I can then copy paste the whole command from the script console to the terminal and that works properly. I already installed pezor and updated the PATH variable.
    Once I manually created the subfolder output and hard coded the full path to pezor, It is now creating the shellcode.bin file in the output folder but not creating the final payload even though it says Success beacon can be found at path/to/cna/output

    bug 
    opened by foehammer762 2
  • Not sure if Bug??

    Not sure if Bug??

    null value error at beaconator.cna:243

    Tried with x86 and x64 using PEZor. With and without Syscalls in case that made any difference.

    Line 243 reads:

    closef($process);

    opened by 4r33d0m 1
  • Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

    Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

    Added folder "output" and added .gitignore to ignore the generated payloads but keep the folder. This fixes the null value error. Added code to reset the options back to null so that you don't have to reload the cna script after every payload generation.

    opened by foehammer762 0
Releases(2.0)

  • 2.0(Aug 10, 2021)

    • Added Alaris for generating staged shellcode
    • Added ScareCrow for generating stageless shellcode
    • Created a helper script for ScareCrow
    • Categorized selection as Staged or Stageless
    • Added tool output subfolders
    Source code(tar.gz)
    Source code(zip)

  • 1.1(Jul 23, 2021)

    • Fixed error check with the use of x86 arch & syscalls
    • Fixed the "null value error" due to missing output folder
    • Fixed issue with options persisting to subsequent payload generations
    • Added PEzor's BOF format
    • Added the -cleanup option for BOFs
    • Added the -sleep option
    • Added more error checks
    • Cleaned up the code
    Source code(tar.gz)
    Source code(zip)

  • 1.0(Jul 19, 2021)

Owner
Capt. Meelo
Infosec Noob
Capt. Meelo
GitHub Repository
Collection of Beginner to Intermediate level Python scripts contributed by members and participants.

Hacktoberfest2021-Python Hello there! This repository contains a 'Collection of Beginner to Intermediate level Python projects', created specially for

12 May 25, 2022
These are the scripts used for the project of ‘Assembly of a pan-genome for global cattle reveals missing sequence and novel structural variation, providing new insights into their diversity and evolution history’

script-SV-genotyping These are the scripts used for the project of ‘Assembly of a pan-genome for global cattle reveals missing sequence and novel stru

2 Aug 26, 2022
The Python agent for Apache SkyWalking

SkyWalking Python Agent SkyWalking-Python: The Python Agent for Apache SkyWalking, which provides the native tracing abilities for Python project. Sky

The Apache Software Foundation 149 Dec 12, 2022
Ningyu Jia(nj2459)/Mengyin Ma(mm5937) Call Analysis group project(Group 36)

Group and Section Group 36 Section 001 name and UNI Name UNI Ningyu Jia nj2459 Mengyin Ma mm5937 code explanation Parking.py (1) Calculate the rate of

1 Dec 04, 2021
Lightweight and Modern kernel for VK Bots

This is the kernel for creating VK Bots written in Python 3.9

Yrvijo 4 Nov 21, 2021
Abilian Core: an enterprise application development platform based on the Flask micro-framework, the SQLAlchemy ORM

About Abilian Core is an enterprise application development platform based on the Flask micro-framework, the SQLAlchemy ORM, good intentions and best

Abilian open source projects 47 Apr 14, 2022
dbt (data build tool) adapter for Oracle Autonomous Database

dbt-oracle version 1.0.0 dbt (data build tool) adapter for the Oracle database. dbt "adapters" are responsible for adapting dbt's functionality to a g

Oracle 22 Nov 15, 2022
Fast STL (ASCII & Binary) importer for Blender

blender-fast-stl-importer Fast STL (ASCII & Binary) importer for Blender based on https://en.wikipedia.org/wiki/STL_(file_format) Technical notes: flo

Iyad Ahmed 7 Apr 17, 2022
A python script that automatically joins a zoom meeting based on your timetable.

Zoom Automation A python script that automatically joins a zoom meeting based on your timetable. What does it do? It performs the following processes:

Shourya Gupta 3 Jan 01, 2022
Repo with data from local elections in Portugal from 2009 to 2013

autarquicas - local elections in Portugal Repo with data from local elections in Portugal from 2009 to 2013 Objective To provide, to all, raw data fro

Jorge Gomes 6 Apr 06, 2022
1000+ ready code templates to kickstart your next AI experiment

AI Seed Projects Start with ready code for your next AI experiment. Choose from 1000+ code templates, across a wide variety of use cases. All examples

BlobCity, Inc 98 Jan 03, 2023
A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.

A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.

Jordan Klepser 101 Oct 30, 2022
Python project that aims to discover CDP neighbors and map their Layer-2 topology within a shareable medium like Visio or Draw.io.

Python project that aims to discover CDP neighbors and map their Layer-2 topology within a shareable medium like Visio or Draw.io.

3 Feb 11, 2022
A compilation of useful scripts to automate common tasks

Scripts-To-Automate-This A compilation of useful scripts for common tasks Name What it does Type Add file extensions Adds ".png" to a list of file nam

0 Nov 05, 2021
Adds a Bake node to Blender's shader node system

Bake to Target This Blender Addon adds a new shader node type capable of reducing the texture-bake step to a single button press. Please note that thi

Thomas 8 Oct 04, 2022
Python Service for MISP Feed Management

Python Service for MISP Feed Management This set of scripts is designed to offer better reliability and more control over the fetching of feeds into M

Chris 7 Aug 24, 2022
TMTC Commander Core

This commander application was first developed by KSat for the SOURCE project to test the on-board software but has evolved into a more generic tool for satellite developers to perform TMTC (Telemetr

robamu 8 Dec 14, 2022
This tool for beginner and help those people they gather information about Email Header Analysis, Instagram Information, Instagram Username Check, Ip Information, Phone Number Information, Port Scan

This tool for beginner and help those people they gather information about Email Header Analysis, Instagram Information, Instagram Username Check, Ip Information, Phone Number Information, Port Scan.

cb-kali 5 Feb 18, 2022
Painel simples com consulta de cep,CNPJ,placa e ip

Painel mpm Um painel simples com consultas de IP, CNPJ, CEP, PLACA, TELEFONE, CPF e NOME Início 🌐 apt update && apt upgrade -y pkg i python git pip i

8 Feb 27, 2022
AIO solution for SSIS students

ssis.bit AIO solution for SSIS students Hardware CircuitPython supports more than 200 different boards. Locally available is the TTGO T8 ESP32-S2 ST77

3 Jun 05, 2022