PyBeacon is a collection of scripts for dealing with Cobalt Strike's encrypted traffic.

Related tags

Cryptographypybeacon
Overview

PyBeacon

PyBeacon is a collection of scripts for dealing with Cobalt Strike's encrypted traffic.

It can encrypt/decrypt beacon metadata, as well as parse symmetric encrypted taskings

Scripts included

There is a small library which includes encryption/decoding methods, however some example scripts are included.

  • stager-decode.py - this tool will simply decode a beacon DLL from a stager URL (you can use it to extract the public key).
  • register.py - this tool deals with RSA encrypted metadata and can register a new (fake) beacon on a target Teamserver.
  • tasktool.py - this tool deals with AES encrypted taskings to/from the teamserver. Use it to send callbacks to the teamserver, or for decoding taskings from a Teamserver to the beacon.
  • cs-3-5-rce.py - This is an implementation of the exploit used to exploit CS < 3.5-hf1, which was used in the wild to hack Cobalt Strike servers. It works by registering a beacon with a directory traversal in the IP address field. It then subsequently registers a download callback which causes the "download" to be uploaded anywhere on the target file system. The ITW exploit used a cronjob to achieve RCE.

TODO

  • Add more task types to the task decoding logic
  • Add decoding for beacon taskings. At the moment some "generic" logic is used, but it's not really helpful
Owner
NCC Group Plc
Please report all security issues to security at nccgroup dot com
NCC Group Plc
GitHub Repository
Best blockchain in the world

alphachain Best blockchain in the world!!! Can be used to implement Layer 2 cryptocurrency protocol just click alphachain.py and it will execute autom

Niño Sison 0 Feb 18, 2022
This is a Sharding Simulator to study blockchain scalability

Sharding Simulator This is a Sharding Simulator to study blockchain scalability. How to run on Ubuntu First make sure you have the header file for Pyt

1 Jan 23, 2022
keyring MITkeyring (đŸ„‰27 · ⭐ 630) - Store and access your passwords safely. MIT

The Python keyring library provides an easy way to access the system keyring service from python. It can be used in any application that needs safe pa

Jason R. Coombs 948 Dec 18, 2022
A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

Vinay Sajip 3 Feb 01, 2022
Lottery by Ethereum Blockchain

Lottery by Ethereum Blockchain Set your web3 provider url in .env PROVIDER=https://mainnet.infura.io/v3/YOUR-INFURA-TOKEN Create your source file .

John Torres 3 Dec 23, 2021
Image AES256 crypt-decrypt

Image AES256 crypt-decrypt

Damian Panek 37 Nov 09, 2021
High Performance Blockchain Deserializer

bitcoin_explorer is an efficient library for reading bitcoin-core binary blockchain file as a database (utilising multi-threading).

Congyu 2 Dec 28, 2021
Random Password Generator With Python

Random_Password_Generator example output length

Mahdi Rostami Pooya 2 Dec 22, 2021
PySETO is a PASETO (Platform-Agnostic SEcurity TOkens) implementation written in Python

A Python implementation of PASETO.

Ajitomi, Daisuke 33 Dec 17, 2022
Advanced Digital Envelope System Using Cryptography Techniques (Encryption & Decryption)

Advanced-Digital-Envelope-System Advanced Digital Envelope System Using Cryptography Encryption Techniques The digital envelope system is the techniqu

NelakurthiSudheer 2 Jan 03, 2022
A simple Ethereum mining pool

A simple getWork pool for ethereum mining

93 Oct 05, 2022
SimpleWallet - Simple wallet for Bitcoin

Simple Wallet This is a basic python starter package to be used as a template fo

Mystic 1 Jan 08, 2022
Message Encrypt and decrypt software // allows you to encrypt the secrete message and decrypt Another Encryption Message. |

Message-Encrypy-Decrypt-App Message Encrypt and decrypt software // allows you to encrypt the secrete message and decrypt Another Encryption Message.

Abdulrahman-Haji 2 Dec 16, 2021
Pogramme de chiffrement et déchiffrement césar d'un message en python3.

Chiffrement Cesar En Python3 Pogramme de chiffrement et déchiffrement césar d'un message en python3. Explication du chiffrement César avec complexité

Malik Makkes 1 Mar 26, 2022
A Python module to encrypt and decrypt data with AES-128 CFB mode.

cryptocfb A Python module to encrypt and decrypt data with AES-128 CFB mode. This module supports 8/64/128-bit CFB mode. It can encrypt and decrypt la

Quan Lin 2 Sep 23, 2022
A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python.

pyhcrypt A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python. Usage Pytho

Hongfei Xu 3 Feb 08, 2022
Generate a 2FA Code out of an 2FA Secret(Time-based only!)

2FA-Generator Generate a 2FA Code out of an 2FA Secret(Time-based only!) ❗ Pleas don't share this secrets/generated codes with someone. If someone kno

TheDanniCraft 1 Nov 05, 2021
A simple Python tool to help anyone use Liquidity Pools on the BitShares blockchain.

ACCOUNT AND ACTIVE KEY ARE NOT PERSISTENT, YOU WILL NEED TO ENTER THEM EACH TIME YOU LAUNCH THE APP (but not every transaction. that's a win). If / wh

Brendan Jensen 17 Jun 15, 2022
zhash is a simple Python tool which allows to create/crack hashes

zhash zhash is a simple python tool which allows you to crack/create hashes. Below are the list of supported algorithms that zhash can crack Supported

3 May 27, 2022
Tron Wallet (TRX) Crack Finder With Python Just 64 Line

TRXGEN Tron Wallet Finder and Crack With Python Tron Wallet (TRX) Crack Finder With Python Just 64 Line My tools [pycharm + anaconda3 + python3.8 + vi

MMDRZA 6 Dec 18, 2022