  • Stars: 149
  • Rank: 248,619 (Top 5 %)
  • Language: PowerShell
  • License: MIT License
  • Created over 3 years ago
  • Updated over 3 years ago


Repository Details

Cobalt Strike AggressorScripts For Red Team

Aggressor Scripts


Category | Instruction
Author | Rvn0xsy
Team | 0x727 Open source tools will continue for some time to come
Position | This project integrates multiple AggressorScripts and multiple PE files to form a CNA-only toolkit, which needs to be loaded on Cobalt Strike for browsing capabilities and rapid penetration.
Language | Aggressor Script, C++, C#
Function | Support red team penetration testing in multiple scenarios of Cobalt Strike

What is Aggressor Script?

Aggressor Script is the scripting language built into Cobalt Strike version 3.0 and later. Aggressor Script allows you to modify and extend the Cobalt Strike client.


Quick start Installation

Download Install

Download Release Zip File.

Git Download

$ git clone https://github.com/0x727/AggressorScripts_0x727

Usage example

Please follow the Cobalt Strike Aggressor Script documentation

Users need to understand the basic concepts of Cobalt Strike Aggressor Script

CHANGE LOG

2020/01/08

  • Support Pass-The-Hash(PTH)
  • Support DcSync
  • Support Clone User
  • Support Mimikatz logonPasswords
  • Support Mimikatz Skeleton
  • Support Dump krbtgt Hash
  • Support Create Golden ticket
  • Support Impersonate Process Token

2020/01/08

  • Support Frp Config
  • Support Dump Navicat Passwords
  • Support Dump Browser Passwords

2020/07/07

  • Support PrintSpool local privilege escalation
  • Support atexec
  • Support SpwanReflectiveC2
  • Support DingDing Robot (macOS, Windows 10, Linux)
  • Fix several PowerShell script loading problems

2020/07/10

  • Update the reflection DLL derived from Aliyun C2

Since Cobalt Strike 4.0 has a problem with judging the number of processes, x86 is used for testing for the time being.

2020/03/11

Mimikatz

  • Support Pass-The-Hash(PTH)
  • Support DcSync
  • Support Clone User
  • Support Mimikatz logonPasswords
  • Support Mimikatz Skeleton
  • Support Dump krbtgt Hash
  • Support the creation of Golden ticket
  • Support for listing access tokens, access token privilege elevation, and access token counterfeiting
  • One-click execution Dump lsass.exe
  • One-click execution Lazagne.exe
  • One-click execution Dump Navicat Passwords
  • One-click execution BloodHound PowerShell
  • One-click execution BloodHound C#

Procdump && Lazagne && Navicat

  • One-click execution Dump lsass.exe
  • One-click execution Lazagne
  • One-click execution Dump Navicat Passwords

The Lazagne.exe file is a bottleneck; you need to wait.

BloodHound

  • One-click execution BloodHound PowerShell
  • One-click execution BloodHound C#

Key technology

Contributing

Interested in getting involved? We would like to help you!

  • Take a look at our issues list and consider sending a Pull Request to dev branch.
  • If you want to add a new feature, please create an issue first to describe the new feature, as well as the implementation approach. Once a proposal is accepted, create an implementation of the new features and submit it as a pull request.
  • Sorry for my poor English. Improvements for this document are welcome, even some typo fixes.
  • If you have great ideas, email [email protected].


Thanks for these open source projects
