0x727/AggressorScripts_0x727

Aggressor Scripts

English | Simplified Chinese

Category: Instruction
Author: Rvn0xsy
Team: 0x727. Open source tools will continue for some time to come
Position: This project integrates multiple AggressorScripts and multiple PE files to form a CNA-only toolkit, which needs to be loaded on Cobalt Strike for browsing capabilities and rapid penetration.
Language: Aggressor Script, C++, C#
Function: Support red team penetration testing in multiple scenarios of Cobalt Strike

What is Aggressor Script?

Aggressor Script is the scripting language built into Cobalt Strike version 3.0 and later. Aggressor Script allows you to modify and extend the Cobalt Strike client.

Why Aggressor Script?

Aggressor Script is the scripting language built into Cobalt Strike version 3.0 and later. Aggressor Script allows you to modify and extend the Cobalt Strike client.

Quick start Installation

Download Install

Download Release Zip File.

Git Download

$ git clone https://github.com/0x727/AggressorScripts_0x727

Usage example

Please follow the Cobalt Strike Aggressor Script documentation.

Users need to understand the basic concepts of Cobalt Strike Aggressor Script.

CHANGE LOG

2020/01/08

  • Support Pass-The-Hash(PTH)
  • Support DcSync
  • Support Clone User
  • Support Mimikatz logonPasswords
  • Support Mimikatz Skeleton
  • Support Dump krbtgt Hash
  • Support Create Golden ticket
  • Support Impersonate Process Token

2020/01/08

  • Support Frp Config
  • Support Dump Navicat Passwords
  • Support Dump Browser Passwords

2020/07/07

  • Support PrintSpool local privilege escalation
  • Support atexec
  • Support SpwanReflectiveC2
  • Support DingDing Robot (macOS, Windows 10, Linux)
  • Fix several PowerShell script loading problems

2020/07/10

  • Update the reflection DLL derived from Aliyun C2

Cobalt Strike 4.0 has a problem judging the number of processes, so for now only the x86 test passes.

2020/03/11

Mimikatz

  • Support Pass-The-Hash(PTH)
  • Support DcSync
  • Support Clone User
  • Support Mimikatz logonPasswords
  • Support Mimikatz Skeleton
  • Support Dump krbtgt Hash
  • Support the creation of Golden ticket
  • Support for listing access tokens, access token privilege elevation, and access token counterfeiting
  • One-click execution of Dump lsass.exe
  • One-click execution of Lazagne.exe
  • One-click execution of Dump Navicat Passwords
  • One-click execution of Bloodhound PowerShell
  • One-click execution of Bloodhound C#

Procdump && Lazagne && Navicat

  • One-click execution of Dump lsass.exe
  • One-click execution of Lazagne
  • One-click execution of Dump Navicat Passwords

The Lazagne.exe file is a bottleneck, so you need to wait for it.

Bloodhound

  • One-click execution of Bloodhound PowerShell
  • One-click execution of Bloodhound C#

Key technology

Contributing

Interested in getting involved? We would like to help you!

  • Take a look at our issues list and consider sending a pull request to the dev branch.
  • If you want to add a new feature, please create an issue first to describe the new feature, as well as the implementation approach. Once a proposal is accepted, create an implementation of the new features and submit it as a pull request.
  • Sorry for my poor English. Improvements for this document are welcome, even some typo fixes.
  • If you have great ideas, email 0x727Team@gmail.com.

Stargazers over time

Thanks for these open source projects