CobaltStrikeScan Logo

CobaltStrikeScan

0
Free
Visit Website

CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and/or performs a YARA scan on the target process' memory for Cobalt Strike v3 and v4 beacon signatures. It can also scan a file for Cobalt Strike beacons and parse their configuration. The tool can display the beacon's configuration if detected.

FEATURES

ALTERNATIVES

Vectra AI offers an AI-driven Attack Signal Intelligence platform that uses advanced machine learning to detect and respond to cyber threats across hybrid cloud environments.

VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.

GCTI's open-source detection signatures for malware and threat detection

A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.

Collection of Yara rules for file identification and classification

An informational repo about hunting for adversaries in your IT environment.

Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.

A project focusing on understanding and combating threats to the Internet economy and net citizens.