Monday, December 6, 2021

A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object

A tool to hunt/mine for Cobalt Strike beacons and “reduce” their beacon configuration for later indexing. Hunts can either be expansive and internet wide using services like SecurityTrails, Shodan, or ZoomEye or a list of IP’s.

Getting started

Install melting-cobalt Configure your tokens to begin the hunt Mine Beacons to begin reducing them Review results cat results.json | jq

📺 Demo

Installation

Requirements: virtualenv , and python3.8+

git clone https://github.com/splunk/melting-cobalt &…

Read More

Latest news
Related news