nickvourd/CS-Aggressor-Kit

CS-Aggressor-Kit

Homemade aggressor scripts kit for Cobalt Strike

Summary

The following table illustrates all the CNA files included in this project:

| Section | Name | Description |
|---------|------|-------------|
| Alert | slack-alerts_linux.cna | Slack CNA file for Linux CS client |
| Alert | slack-alerts_windows.cna | Slack CNA file for Windows CS client |
| Alert | discord-alerts_linux.cna | Discord CNA file for Linux CS client |
| Alert | teams-alerts_linux.cna | Teams CNA file for Linux CS client |

Alert

These CNA files will notify you via the Slack/Discord/Teams applications when:

  • A new client connects to the team server.
  • A CS client disconnects from the team server.
  • A new incoming beacon arrives.
  • A new web hit occurs.
  • A CS client posts something in the event log.
  • A CS client hosts a file or clones a website.
  • New credentials come in from keylogging.
  • A new screenshot is taken from Cobalt Strike.

ℹ️ Some CNA files are compatible with both Windows and Linux operating systems.

The following table illustrates the CNA files included in the Alert section:

| Name | OS | App | Description |
|------|----|-----|-------------|
| slack-alerts_linux.cna | Linux | Slack | Slack CNA file for Linux CS client |
| slack-alerts_windows.cna | Windows | Slack | Slack CNA file for Windows CS client |
| discord-alerts_linux.cna | Linux | Discord | Discord CNA file for Linux CS client |
| teams-alerts_linux.cna | Linux | Teams | Teams CNA file for Linux CS client |

Setup Slack and Webhooks

ℹ️ To set up a Slack server and webhook, you can follow these guides provided on the Slack website.

Setup Discord and Webhooks

ℹ️ To set up a Discord server and webhook, you can follow these guides provided on the Discord website.

Setup Teams Webhooks

ℹ️ To set up a Microsoft Teams webhook, you can follow these guides provided on the Microsoft website.

Example Alert CNA Output

New incoming Beacon notification example (Slack):

[Image: New-Beacon-Example]

New Web hit notification example (Discord):

[Image: Web-Hit-Example]

New CS client connects to the teamserver notification example (Slack):

[Image: New-CS-Client-Connect-Example]

CS Client disconnects from the teamserver notification example (Discord):

[Image: CS-Client-Disconnect]

CS Client hosts a file or clones a website notification example (Slack):

[Image: Host-File-Clone-Site]

CS client posts something in the event log (Discord):

[Image: New-message-CS]

New credentials come in from keylogging (Discord):

[Image: New-credentials-come-in]

New screenshot is taken from Cobalt Strike (Slack):

[Image: New-Screesnhot-taken]