AggressorScripts
AI Summary: Aggressor Scripts is a collection of scripts designed to enhance the functionality of Cobalt Strike, primarily aiding penetration testers and red teamers in executing various tasks more efficiently. Notable features include payload generation for different delivery methods, querying for installed antivirus solutions, and tools for detecting endpoint detection and response (EDR) solutions, all aimed at improving user experience and operational effectiveness during security assessments. Additionally, the repository serves as a resource for common OS commands and red teaming strategies, promoting collaborative improvement through community feedback.
README
Aggressor Scripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
All_In_One.cna v1 - Removed and outdated
- All-purpose script to enhance the user's experience with Cobalt Strike: custom menu creation, logging, persistence, enumeration, and third-party script integration.
- Version 2 is currently in development!
ArtifactPayloadGenerator.cna
Generates every type of stageless/staged payload based on an HTTP/HTTPS listener
Creates /opt/cobaltstrike/Staged_Payloads, /opt/cobaltstrike/Stageless_Payloads
AVQuery.cna
Queries the registry with PowerShell for all AV products installed on the target
Quick and easy way to identify the AV you are dealing with as an attacker

CertUtilWebDelivery.cna
Stageless Web Delivery using CertUtil.exe
Powerpick is used to spawn certutil.exe to download the stageless payload on the target and execute it with rundll32.exe
EDR.cna
- Detects EDR solutions running on local/remote hosts
RedTeamRepo.cna
A common collection of OS commands and red team tips for when you have no Google or RTFM on hand.
The script will be updated on occasion; feedback and more input are welcome!
ProcessColor.cna
Color-coded process listing without the file requirement.
Thanks to @oldb00t for the original version: https://github.com/oldb00t/AggressorScripts/tree/master/Ps-highlight
