Code and yara rules to detect and analyze Cobalt Strike

Last update: Jan 04, 2023

Related tags

Miscellaneous cobaltstrike

Overview

Cobalt Strike Resources

This repository contains:

analyze.py: a script to analyze a Cobalt Strike beacon (python analyze.py BEACON)
extract.py; extract a beacon from an encrypted beacon
lib.py: library containing functions for the other scripts
output.csv : CSV file containing CS servers identified online in Dec 2020
rules.yar: Yara rules for CS beacons
scan_list.py: script to scan a list of servers (python scan_list.py FILE)
scan.py : script to scan a server (python scan.py IP)

You can see my blog post Analyzing Cobalt Strike for Fun and Profit for more information.

Credits : Amnesty Tech

Owner

Tek

Hacking things here and there, mostly threat intel, osint, malware analysis and human rights

GitHub Repository

Anki cards generator for Leetcode

Leetcode Anki card generator Summary By running this script you'll be able to generate Anki cards with all the leetcode problems. I personally use it

150 Dec 25, 2022

Runtime inspection utilities for Python typing module

Typing Inspect The typing_inspect module defines experimental API for runtime inspection of types defined in the Python standard typing module. Works

284 Dec 29, 2022

This repo holds custom callback plugin, so your Ansible could write everything in the PostgreSQL database.

English What is it? This is callback plugin that dumps most of the Ansible internal state to the external PostgreSQL database. What is this for? If yo

19 Oct 21, 2022

DOP-Tuning(Domain-Oriented Prefix-tuning model)

DOP-Tuning DOP-Tuning(Domain-Oriented Prefix-tuning model)代码基于Prefix-Tuning改进. Files ├── seq2seq # Code for encoder-decoder arch

5 Nov 02, 2022

Chicks get hostloc points regularly

hostloc_getPoints 小鸡定时获取hostloc积分 github action大规模失效，mjj平均一人10鸡，以下可以部署到自己的小鸡上

59 Dec 28, 2022

Python3 Interface to numa Linux library

py-libnuma is python3 interface to numa Linux library so that you can set task affinity and memory affinity in python level for your process which can help you to improve your code's performence.

13 Nov 10, 2022

This repository contains various tools useful for offensive operations (reversing, etc) regarding the PE (Portable Executable) format

PE-Tools This repository contains various tools useful for offensive operations (reversing, etc) regarding the PE (Portable Executable) format Install

4 Oct 13, 2022

Wrapper for the undocumented CodinGame API. Can be used both synchronously and asynchronlously.

codingame API wrapper Pythonic wrapper for the undocumented CodinGame API. Installation Python 3.6 or higher is required. Install codingame with pip:

19 Jun 20, 2022

Advanced Keylogger in Python

Advanced Keylogger in Python Important Disclaimer: The author will not be held r

1 Feb 07, 2022

Uma versão em Python/Ursina do aplicativo Real Drum (android).

Real Drum Descrição Esta é uma versão alternativa feita em Python com a engine Ursina do aplicatio Real Drum (presente no Google Play Store). Como exe

5 Aug 20, 2022

Find habits that genuinely increase your productivity

BiProductive Description This repository contains the application BiProductive, which analyzes the habits of the person, tests his productivity, and d

43 Jun 11, 2022

calculadora financiera hecha en python

Calculadora financiera Calculadora de factores financieros basicos, puede calcular tanto factores como expresiones algebraicas en funcion de dichos fa

5 Nov 10, 2021

A simple script that can watch a list of directories for change and does some action

plot_watcher A simple script that can watch a list of directories and does some action when a specific kind of change happens In its current implement

12 Sep 10, 2021

Python module to work with Magneto Database directly without using broken Magento 2 core

13 Nov 10, 2022

This repo is a collection of programs and websites templates too

📢 Register here for Hacktoberfest and make four pull requests (PRs) between October 1st-31st to grab free SWAGS 🔥 . IMPORTANT While making pull requ

7 Oct 03, 2022

A comparison of mesh generators.

This repository creates meshes of the same domains with multiple mesh generators and compares the results.

29 Dec 12, 2022

A webapp for taking fast notes, designed for business, school, and collaboration with groups.

JOTS Journal of the Session A webapp for taking fast notes, designed for business, school, and collaboration with groups.

2 Jun 10, 2022

A competition for forecasting electricity demand at the country-level using a standard backtesting framework

5 Jul 12, 2022

Web UI for your scripts with execution management

Script-server is a Web UI for scripts. As an administrator, you add your existing scripts into Script server and other users would be ab

1.1k Jan 09, 2023

Let's make a lot of random function from Scracth...

Pseudo-Random On a whim I asked myself the question about how randomness is integrated into an algorithm? So I started the adventure by trying to code

2 Jan 19, 2022