v1.0.0 #40
yunzheng
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
This release mainly introduces support for parsing and decrypting Cobalt Strike C2 traffic from PCAP files and also adds Beacon Client support which allows you to connect to a Cobalt Strike Team Server and receive tasks and send back data like a real Beacon.
See also these new tutorials on how to use it:
Many thanks to @sud0woodo for laying the groundwork for these features!
What's Changed
BeaconConfig: public_key, port, jitter, sleeptime, submit_uri AddBeaconConfig.public_keyproperty #22 Add support for beacon client and decrypting traffic from PCAP files #25netbios_encodeandnetbios_decodefunctions to utils.py Addnetbios_encodeandnetbios_decodefunctions to utils.py #23scripts/artifact.pyto it's ownbeacon-artifactCLI tool Movescripts/artifact.pyto it's ownbeacon-artifactCLI tool #37extrasflavours tosetup.pyAdd support for beacon client and decrypting traffic from PCAP files #25dissect.cobaltstrike[c2]- for if you want to communicate with Cobalt Strike Team Serversdissect.cobaltstrike[pcap]- for if you want to parse and decrypt PCAPs containing Beacon trafficdissect.cobaltstrike[full]- all of the above but also installsrichfor prettier log outputDocumentation
docs/requirements.txtand use pip method for building readthedocs Get rid of docs/requirements.txt and use pip method for readthedocs #28 Fix readthedocs #29scripts/*.pyto it's own scripts section in documentation.beacon-artifactfor dumping beacons created with ArtifactKitbeacon-clientfor connecting to a Cobalt Strike Team Server as a beacon clientbeacon-pcapfor parsing and decrypting Cobalt Strike C2 traffic in PCAP filesFull Changelog: v0.2.2...v1.0.0
This discussion was created from the release v1.0.0.
Beta Was this translation helpful? Give feedback.
All reactions