In a recently released report, Trend Micro reveals details of a new advanced persistent threat (APT) campaign they’ve named Earth Krahang. This China-nexus threat actor demonstrates alarming sophistication, with an unwavering focus on compromising...
Cybersecurity researchers at Kroll have unveiled a worrisome advancement in the notorious SPARKRAT malware toolkit. A new, never-before-seen loader written in Golang is being actively used to sneak SPARKRAT onto targeted systems, allowing the...
In December 2023, Elastic Security Labs uncovered a sophisticated cyber intrusion, dubbed REF0657, targeting a financial services organization in South Asia. This intrusion was notable for its utilization of a variety of open-source tools...
In the ever-evolving landscape of cyber threats, a new name has emerged with a notorious reputation – Pikabot. This loader malware, actively employed in spam campaigns by the threat actor known as Water Curupira,...
Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download git clone https://github.com/RalfHacker/Kerbeus-BOF.git Use...
ScreenshotBOF An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. The screenshot was downloaded in memory. Why did I make this? Cobalt Strike uses a...
The maintainers of the Cobalt Strike project, HelpSystems has pushed out-of-band software updates to its adversary simulation tool to contain a critical-impact security vulnerability. The flaw, now assigned the identifier CVE-2022-39197, has been described as...
Chisel-Strike A .NET XOR encrypted cobalt strike aggressor implementation for the chisel to utilize faster proxy and advanced socks5 capabilities. Why write this? In my experience, I found socks4/socks4a proxies quite slow in comparison...
pyCobaltHound pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide deep integration between Cobalt Strike and Bloodhound. pyCobaltHound strives to assist red team operators by: Automatically querying the BloodHound database to discover escalation paths opened...
aggrokatz aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version of aggrokatz allows pypykatz to parse LSASS dump files and Registry hive files to extract credentials and...
Introduction to Cobalt Strike Cobalt Strike a metasploit-based GUI of the framework of penetration testing tools, integrated port forwarding, service scanning, automation overflow, multi-mode port monitoring, win exe Trojan generation, win dll Trojan generation,...
Secure Your Connection
