Code and yara rules to detect and analyze Cobalt Strike

opexxx/cobaltstrike

Cobalt Strike Resources

This repository contains:

  • analyze.py: a script to analyze a Cobalt Strike beacon (python analyze.py BEACON)
  • extract.py: extract a beacon from an encrypted beacon
  • lib.py: library containing functions for the other scripts
  • output.csv: CSV file containing CS servers identified online in Dec 2020
  • rules.yar: Yara rules for CS beacons
  • scan_list.py: script to scan a list of servers (python scan_list.py FILE)
  • scan.py: script to scan a server (python scan.py IP)

You can see my blog post Analyzing Cobalt Strike for Fun and Profit for more information.

Credits: Amnesty Tech
