
CobaltStrikeScan

Free

CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective) and/or performs a YARA scan of the target process's memory for Cobalt Strike v3 and v4 beacon signatures. It can also scan a file for Cobalt Strike beacons and parse their configuration. When a beacon is detected, the tool can display its configuration.

FEATURES

ALTERNATIVES

A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.

RedEye is a visual analytic tool for enhancing Red and Blue Team operations.

A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.

The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.

A collection of YARA rules for the Burp Yara-Scanner extension to identify malicious software on websites.

Repository of APT-related documents and notes sorted by year.

A database of Tor exit nodes with their corresponding IP addresses and timestamps.

A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.