A tool to hunt/mine for Cobalt Strike beacons and “reduce” their beacon configuration for later indexing. Hunts can either be expansive and internet wide using services like SecurityTrails, Shodan, or ZoomEye or a list of IP’s.
Install melting-cobalt Configure your tokens to begin the hunt Mine Beacons to begin reducing them Review results cat results.json | jq
Requirements: virtualenv , and python3.8+
git clone https://github.com/splunk/melting-cobalt &…