James Chapman jflyoo
jflyoo
/ malleable_c2_profiles
Created
July 29, 2022 14:26
— forked from MHaggis/malleable_c2_profiles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| spawnto | |
| https://raw.githubusercontent.com/kphongagsorn/c2-profiles/29fe50eaad655ddd0028fca06a9c7785e3ffaf41/amazon.profile | |
| https://raw.githubusercontent.com/kvcallfield/Cobalt-Strike-C2-profiles/cae44634d57c0d8a099e50f6d4e9b73acaaab9d6/amazon2.profile | |
| https://raw.githubusercontent.com/KevinCooper/24AF-CyberChallenge/67f531777f7912c7129f633f43e06fba79c5f3e2/CobaltStrike/cobalt.profile | |
| https://raw.githubusercontent.com/webcoderz/agressor-scripts-/950064776853cf4dd7403d0f75b5306fe275fcc3/Malleable-C2-Profiles-master/APT/meterpreter.profile | |
| https://raw.githubusercontent.com/hadesangel/Malleable-C2-Profiles/390937aec01e0bcdaf23312277e96e57ac925f7b/APT/meterpreter.profile | |
| https://raw.githubusercontent.com/ianxtianxt/Malleable-C2-Profiles/07fd3b45c4166c9aecdcfa54cddc905c22f6ff85/APT/meterpreter.profile | |
| https://raw.githubusercontent.com/seclib/Malleable-C2-Profiles/390937aec01e0bcdaf23312277e96e57ac925f7b/APT/meterpreter.profile | |
| https://raw.githubusercontent.com/rsmudge/Malleable-C2-Profiles/390937aec01e0bcdaf2331227 |
jflyoo
/ Cobalt_Spawnto.csv
Created
July 28, 2022 19:01
— forked from MHaggis/Cobalt_Spawnto.csv
Cobalt Strike Spawnto from June 2021 to present (July 2021)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| x64_config_spawn_to_x64 | count | |
|---|---|---|
| %windir%\sysnative\RuntimeBroker.exe | 2 | |
| %windir%\sysnative\WUAUCLT.exe | 3 | |
| %windir%\sysnative\WerFault.exe | 7 | |
| %windir%\sysnative\adobe64.exe | 1 | |
| %windir%\sysnative\cmstp.exe | 1 | |
| %windir%\sysnative\dllhost.exe | 14 | |
| %windir%\sysnative\dllhost.exe -o enable | 1 | |
| %windir%\sysnative\eventvwr.exe | 1 | |
| %windir%\sysnative\gpresult.exe | 2 |
jflyoo
/ get_modules.py
Last active
March 12, 2022 01:50
— forked from MarkBaggett/1 - pythons_sinister_secrets.md
Come To The Darkside - Pythons Sinister Secrets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def getmodules(mods = "root",depth=0,path=[],verbose=False): | |
| modlist = [] | |
| if mods == "root": | |
| mods = dict([(x,y) for (x,y) in globals().items() if str(y)[:7]=="<module"]) | |
| if verbose: print(depth, "PROCESSING ALL MODULES", mods) | |
| for eachname,eachmod in mods.items(): | |
| if verbose: print("+"*depth, "PATH {0} CURRENT ITEM {1}".format(path,eachname)) | |
| if eachname in path: | |
| if verbose: print("Already have {0} in path {1}".format(eachname,path)) | |
| continue |