Aggressor Scripts for Cobalt Strike


secgroundzero/CS-Aggressor-Scripts


Aggressor script for easier team collaboration with Cobalt Strike.

Description

ℹ️ This project contains CNA files for Cobalt Strike, parsers for automated editing of the CNA files, and guides to set up webhooks on the Slack application.

These CNA files will notify you via the Slack application when:

  • A new client connects to the team server.
  • A CS client disconnects from the team server.
  • A new beacon comes in.
  • A new web hit occurs.
  • A CS client posts something in the event log.
  • A new site is hosted.
  • New credentials come in from keylogging.
  • A new screenshot is taken from Cobalt Strike.

ℹ️ The scripts are compatible with both the Windows and Linux operating systems.

The following table illustrates the CNA files included in this project:

| Name | OS | App | Description |
|---|---|---|---|
| slack-alerts_linux.cna | Linux | Slack | Slack CNA file for Linux CS client |
| slack-alerts_windows.cna | Windows | Slack | Slack CNA file for Windows CS client |

Acknowledgement

The official author of this project is @sec_groundzero.

Special thanks to my friend @nickvourd for his contributions.

This aggressor script was inspired by @bluescreenofjeff's projects.


Webhooks

Setup Slack and Webhooks

ℹ️ To set up a Slack server and webhook, you can follow the guides provided on the Slack website.

Parsers

This project includes two parsers that automate editing the CNA files according to your personal preferences.

ℹ️ However, you can manually edit the CNA files without using the parsers.

The following table lists the parsers in this project:

| Name | Language | OS | App | Description |
|---|---|---|---|---|
| slack-cna-parser_linux.sh | Bash | Linux | Slack | Slack CNA Parser for Linux systems |
| slack-cna-parser_windows.ps1 | PowerShell | Windows | Slack | Slack CNA Parser for Windows systems |

Linux Parser for Slack

The Linux parser for Slack uses three mandatory arguments:

  • hostname
  • channel
  • webhook

To run the Linux parser, use the following command:

./slack-cna-parser_linux.sh --channel "#XXXX" --hostname "XXXX" --webhook "https://hooks.slack.com/services/XXXX"


Windows Parser for Slack

The Windows parser for Slack uses three mandatory arguments:

  • hostname
  • channel
  • webhook

To run the Windows parser, use the following command:

.\slack-cna-parser_windows.ps1 -hostname "XXXX" -channel "#XXXX" -webhook "https://hooks.slack.com/services/XXXX"

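Both parsers take the webhook URL as an argument, and a Slack incoming-webhook URL acts as a bearer secret: anyone who holds it can post to the channel. The shell function below is an added example, not part of this project; it scans a directory for webhook URLs that are no longer the XXXX placeholder, assuming the parser stores the value in the CNA file. The name scan_webhooks and its output format are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the project: find Slack incoming-webhook URLs
# that were left in files, e.g. a CNA file after the parser filled it in.
# Assumption: the parser stores the --webhook value in the CNA file.

# URL prefix as shown in the README usage lines, then the secret path.
WEBHOOK_RE='https://hooks\.slack\.com/services/[A-Za-z0-9_/-]+'
WEBHOOK_PREFIX='https://hooks.slack.com/services/'

# scan_webhooks DIR   (hypothetical helper name)
# Prints "file:line: Slack webhook URL (redacted)" per finding.
# Returns 1 when at least one real-looking URL is found, 0 otherwise.
# Limitation: file names containing ':' are not split correctly.
scan_webhooks() {
    sw_found=0
    # grep -o prints only the matched URL, so nothing else from the line leaks.
    sw_hits=$(grep -rHnoE "$WEBHOOK_RE" "$1" 2>/dev/null || true)
    [ -n "$sw_hits" ] || return 0
    while IFS=: read -r sw_file sw_line sw_url; do
        sw_secret=${sw_url#"$WEBHOOK_PREFIX"}
        case $sw_secret in
            *[!X/]*) ;;        # something other than X or /: a real value
            *) continue ;;     # template placeholder such as .../services/XXXX
        esac
        printf '%s:%s: Slack webhook URL (redacted)\n' "$sw_file" "$sw_line"
        sw_found=1
    done <<EOF
$sw_hits
EOF
    return "$sw_found"
}
```

Source the file and call `scan_webhooks .` from a pre-commit hook or CI step; the non-zero return on a finding is what blocks the commit.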
