A beacon generator using Cobalt Strike and a variety of tools.

Related tags

MiscellaneousBeaconator
Overview

Beaconator

release license issues stars forks

Beaconator is an aggressor script for Cobalt Strike used to generate either staged or stageless shellcode and packing the generated shellcode using your tool of choice.

Currently, it supports the following tools:

Staged Beacon Generator

Stageless Beacon Generator

How to Use

Beaconator

  1. Load the beaconator.cna file via Cobalt Strike > Script Manager.
  2. Access Beaconator from the menu bar by clicking the Generate Beacon menu.

Staged Beacon Generator

Alaris

  1. Clone the repo.
git clone https://github.com/cribdragg3r/Alaris.git
  1. Open beaconator.cna and change the value of the $ALARIS_DIR variable and point it to where Alaris is located.

Stageless Beacon Generator

PEzor

  1. Install PEzor using the following:
git clone https://github.com/phra/PEzor.git
cd PEzor
./install.sh
  1. Add PEzor's $PATH variable in your ~/.profile or ~/.bashrc (if using Bash), OR ~/.zprofile or ~/.zshrc (if using ZSH).

ScareCrow

  1. Install the dependencies.
sudo apt update -y && sudo apt install -y openssl osslsigncode mingw-w64
go get github.com/fatih/color
go get github.com/yeka/zip
go get github.com/josephspurrier/goversioninfo
  1. Clone the repo and build ScareCrow.
git clone https://github.com/optiv/ScareCrow.git
cd ScareCrow
go build ScareCrow.go
  1. Open beaconator.cna and change the value of the $SCARECROW_DIR variable and point it to where ScareCrow is located.

Screenshots

Beaconator

option-staged.png option-stageless.png

Alaris

alaris-options.png alaris-console.png

PEzor

pezor-options.png pezor-console.png

ScareCrow

scarecrow-options.png scarecrow-console.png

Credits

Comments
  • null value error - Not fixed

    null value error - Not fixed

    The issue is not fixed by creating the folder output. See below:

    Executing: PEzor.sh -64 -unhook -antidebug -shellcode -format=exe /home/simon.davies/Cobalt_Strike_Aggressor_Scripts/Beaconator/output/shellcode.bin[10:31:56] null value error at beaconator.cna:140

    bug 
    opened by Simon-Davies 4
  • options persist after payload creation

    options persist after payload creation

    If I create a payload with an option like -unhook and -x64. It will correctly create the payload. However if I then create a payload with just -x64 and -sgn, the script console says Executing: PEzor.sh -64 -unhook -sgn -shellcode -format=exe. It is keeping the old option of -unhook when not selected(the only option I have seen that does not persist to the next generation attempt is -32). I have to reload the script after every payload generation in order to get the correct options again.

    bug 
    opened by foehammer762 3
  • Null error

    Null error

    The shellcode is being correctly generated but not the binary/dll in the directoty ../output/pezor/shellcode.bin.

    [*] Executing: PEzor -64 -unhook -antidebug -shellcode -format=dll /opt/tools/Beaconator/output/pezor/shellcode.bin[18:17:32] null value error at beaconator.cna:248

    FYI : The command is working fine when I run it manually in a terminal.

    opened by TH3xACE 2
  • null value error

    null value error

    When I try to create a payload using beaconater i get the folllowing error: null value error at beaconator.cna:140

    I can then copy paste the whole command from the script console to the terminal and that works properly. I already installed pezor and updated the PATH variable.
    Once I manually created the subfolder output and hard coded the full path to pezor, It is now creating the shellcode.bin file in the output folder but not creating the final payload even though it says Success beacon can be found at path/to/cna/output

    bug 
    opened by foehammer762 2
  • Not sure if Bug??

    Not sure if Bug??

    null value error at beaconator.cna:243

    Tried with x86 and x64 using PEZor. With and without Syscalls in case that made any difference.

    Line 243 reads:

    closef($process);

    opened by 4r33d0m 1
  • Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

    Fixed output folder issue and fixed issue with options persisting to subsequent payload generations

    Added folder "output" and added .gitignore to ignore the generated payloads but keep the folder. This fixes the null value error. Added code to reset the options back to null so that you don't have to reload the cna script after every payload generation.

    opened by foehammer762 0
Releases(2.0)

  • 2.0(Aug 10, 2021)

    • Added Alaris for generating staged shellcode
    • Added ScareCrow for generating stageless shellcode
    • Created a helper script for ScareCrow
    • Categorized selection as Staged or Stageless
    • Added tool output subfolders
    Source code(tar.gz)
    Source code(zip)

  • 1.1(Jul 23, 2021)

    • Fixed error check with the use of x86 arch & syscalls
    • Fixed the "null value error" due to missing output folder
    • Fixed issue with options persisting to subsequent payload generations
    • Added PEzor's BOF format
    • Added the -cleanup option for BOFs
    • Added the -sleep option
    • Added more error checks
    • Cleaned up the code
    Source code(tar.gz)
    Source code(zip)

  • 1.0(Jul 19, 2021)

Owner
Capt. Meelo
Infosec Noob
Capt. Meelo
GitHub Repository
A programming language that for tech savvy graphic designers

Microsoft Hackathon - PhoTex Idea A programming language that allows tech savvy graphic designers develop scalable vector graphics using plain text co

Joe Furfaro 5 Nov 14, 2021
LiteX-Acorn-Baseboard is a baseboard developed around the SQRL's Acorn board (or Nite/LiteFury) expanding their possibilities

LiteX-Acorn-Baseboard is a baseboard developed around the SQRL's Acorn board (or Nite/LiteFury) expanding their possibilities

33 Nov 26, 2022
A joke conlang with minimal semantics

SyntaxLang Reserved Defined Words Word Function fo Terminates a noun phrase or verb phrase tu Converts an adjective block or sentence to a noun to Ter

Leo Treloar 1 Dec 07, 2021
It is Keqin Wang first project in CMU, trying to use DRL(PPO) to control a 5-dof manipulator to draw line in space.

5dof-robot-writing this project aim to use PPO control a 5 dof manipulator to draw lines in 3d space. Introduction to the files the pybullet environme

Keqin Wang 4 Aug 22, 2022
30DaysOfCode-PhoenixClub - Solution of everyday coding problem given in 30DaysofCode contest held on Hackerrank

30DaysOfCode-PhoenixClub đŸ‘šâ€đŸ’» Every day problems solution given in 30DaysOfCode

Urveshkumar 8 Jan 30, 2022
Some usefull scripts for the Nastran's 145 solution (Flutter Analysis) using the pyNastran package.

nastran-aero-flutter This project is intended to analyse the Supersonic Panel Flutter using the NASTRAN software. The project uses the pyNastran and t

zuckberj 11 Nov 16, 2022
A carrot-based color palette you didn't know you needed.

A package to produce a carrot-inspired color palette for python/matplotlib. Install: pip install carrotColors Update: pip install --upgrade carrotColo

10 Sep 28, 2021
General tricks that may help you find bad, or noisy, labels in your dataset

doubtlab A lab for bad labels. Warning still in progress. This repository contains general tricks that may help you find bad, or noisy, labels in your

vincent d warmerdam 449 Dec 26, 2022
Autogenerador tonto de paquetes para ROSCPP

Autogenerador tonto de paquetes para ROSCPP Autogenerador de paquetes que usan C++ en ROS. Por ahora tiene las siguientes capacidades: Permite crear p

1 Nov 26, 2021
A docker container (Docker Desktop) for a simple python Web app few unit tested

Short web app using Flask, tested with unittest on making massive requests, responses of the website, containerized

Omar 1 Dec 13, 2021
Web-based Sudoku solver built using Python. A demonstration of how backtracking works.

Sudoku Solver A web-based Sudoku solver built using Python and Python only The motivation is to demonstrate how Backtracking algorithm works. Some of

Jerry Ng 2 Dec 31, 2022
A Lynx that manages a group that puts the federation first.

Lynx Super Federation Management Group Lynx was created to manage your groups on telegram and focuses on the Lynx Federation. I made this to root out

Unknown 2 Nov 01, 2022
Excel cell checker with python

excel-cell-checker Description This tool checks a given .xlsx file has the struc

Paul Aumann 1 Jan 04, 2022
IST-Website - IST Tutoring Portal for python

IST Tutoring Portal This portal is a web based interface to handle student help

Jean 3 Jan 03, 2022
A browser login credentials thief for windows and Linux

Thief đŸŠčđŸ» A browser login credentials thief for windows and Linux Python script to decrypt login credentials from browsers in windows or linux Decryp

Ash 1 Dec 13, 2021
The Great Autoencoder Bake Off

The Great Autoencoder Bake Off The companion repository to a post on my blog. It contains all you need to reproduce the results. Features Currently fe

Tilman Krokotsch 61 Jan 06, 2023
A corona information module

A corona information module

Fayas Noushad 3 Nov 28, 2021
Backup dc registry - A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY

Backup Operator Registry Backup to Domain Compromise A simple POC that abuses Ba

Horizon 3 AI Inc 57 Dec 18, 2022
pgvector support for Python

pgvector-python pgvector support for Python Great for online recommendations 🎉 Supports Django, SQLAlchemy, Psycopg 2, Psycopg 3, and asyncpg Install

Andrew Kane 37 Dec 20, 2022
💡 Fully automatic light management based on conditions like motion, illuminance, humidity, and other clever features

Fully automatic light management based on motion as AppDaemon app. 🕓 multiple daytimes to define different scenes for morning, noon, ... 💡 supports

Ben 105 Dec 23, 2022