| Category | Instruction |
|---|---|
| Author | Rvn0xsy |
| Team | 0x727 Open source tools will continue for some time to come |
| Position | This project integrates multiple AggressorScripts and multiple PE files to form a CNA-only toolkit, which needs to be loaded on Cobalt Strike for browsing capabilities and rapid penetration. |
| Language | Aggressor Script、C++、C# |
| Function | Support red team penetration testing in multiple scenarios of Cobalt Strike |
Aggressor Script is the scripting language built into Cobalt Strike, version 3.0, and later. Aggresor Script allows you to modify and extend the Cobalt Strike client.
Aggressor Script is the scripting language built into Cobalt Strike, version 3.0, and later. Aggresor Script allows you to modify and extend the Cobalt Strike client.
Download Install
Download Release Zip File.
Git Download
$ git clone https://github.com/0x727/AggressorScripts_0x727Please follow the Cobalt Strike Aggressor Script documentation
Users need to understand the basic concepts of Cobalt Strike Aggressor Script
2020/01/08
- Support Pass-The-Hash(PTH)
- Support DcSync
- Support Clone User
- Support Mimikatz logonPasswords
- Support Mimikatz Skeleton
- Support Dump krbtgt Hash
- Support Create Golden ticket
- Support Impersonate Process Token
2020/01/08
- Support Frp Config
- Support Dump Navicat Passwords
- Support Dump Browser Passwords
2020/07/07
- Support PrintSpool local privilege escalation
- Support atexec
- Support SpwanReflectiveC2
- Support DingDing Robot (MacOS,Windows 10,Linux)
- Fix several Powershell script loading problems
2020/07/10
- Update the reflection DLL derived from Aliyun C2
Since Cobaltstrike 4.0 has a problem with judging the number of processes, temporarily use the x86 test to pass
2020/03/11
- Support Pass-The-Hash(PTH)
- Support DcSync
- Support Clone User
- Support Mimikatz logonPasswords
- Support Mimikatz Skeleton
- Support Dump krbtgt Hash
- Support the creation of Golden ticket
- Support for listing access tokens, access token privilege elevation, and access token counterfeiting
- One-click execution Dump lsass.exe
- One-click execution Lazagne.exe
- One-click execution Dump Navicat Passwords
- One-click execution Bloodhund Powershell
- One-click execution Bloodhund C#
- One-click execution Dump lsass.exe
- One-click execution Lazagne
- One-click execution Dump Navicat Passwords
Lazagne.exe file bottleneck, need to wait
- One-click execution Bloodhound Powershell
- One-click execution Bloodhound C#
- Cobalt Strike Aggressor Script (第一课)
- Cobalt Strike Aggressor Script (第二课)
- 通过反射DLL注入来构建后渗透模块(第一课)
- 如何实现一个Atexec
- 如何实现一个Psexec
Interested in getting involved? We would like to help you!
- Take a look at our issues list and consider sending a Pull Request to dev branch.
- If you want to add a new feature, please create an issue first to describe the new feature, as well as the implementation approach. Once a proposal is accepted, create an implementation of the new features and submit it as a pull request.
- Sorry for my poor English. Improvements for this document are welcome, even some typo fixes.
- If you have great ideas, email 0x727Team@gmail.com.
