Cobaltstrike系列教程(十)安裝擴展

0x000-前文

有技術交流或滲透測試培訓需求的朋友歡迎聯繫QQ547006660
2000人網絡安全交流羣，歡迎大佬們來玩
羣號820783253

0x001-擴展的加載

擴展是Cobaltstrike一個極爲重要的模塊，它有效地豐盈了cobaltstrike的功能
選擇菜單欄的CobaltStrike–>腳本管理器，點擊load，然後選擇cna擴展文件即可，旁邊的unload爲去除該擴展，，reload爲重新加載該擴展

0x002-個人常用擴展

本人在此放出幾個自己常用的擴展，老哥們可以回覆下載

0x003-其他擴展彙總(來自WBG老哥)

腳本名稱：elevate.cna
腳本功能：增加五種提權方式

腳本名稱：ProcessTree.cna
腳本功能：讓ps命令可以顯示父子關係並顯示顏色

腳本名稱：CVE-2018-4878.cna
腳本功能：CVE-2018-4878.cna

腳本名稱：ArtifactPayloadGenerator.cna
腳本功能：創建多種類型的payload。生成的文件在cs目錄下的opt\cobaltstrike

腳本名稱：AVQuery.cna
腳本功能：查詢目標所安裝的所有殺軟

腳本名稱：CertUtilWebDelivery.cna
腳本功能：利用CertUtil和rundll32生成會話這個應該都知道了解

腳本名稱：RedTeamRepo.cna
腳本功能：就是提示一下常用的滲透命令

腳本名稱：ProcessColor.cna
腳本功能：顯示帶有顏色的進程列表(不同顏色有不同含義)

腳本名稱：EDR.cna
腳本功能：檢查有無終端安全產品

腳本名稱：logvis.cna
腳本功能：顯示Beacon命令日誌

腳本名稱：ProcessMonitor.cna
腳本功能：記錄一段時間內程序啓動的情況

腳本名稱：SMBPayloadGenerator.cna
腳本功能：生成基於SMB的payload

腳本名稱：Persistence/Persistence_Menu.cna
腳本功能：持久化控制集合
備註:這個腳本是同目錄腳本的一個集合

腳本名稱：Eternalblue.cna 腳本功能：ms17-010
https://gist.github.com/rsmudge/9b54a66744a94f3950cc171254057942
備註：調用exploit/windows/smb/ms17_010_eternalblue

更多:https://mp.weixin.qq.com/s/CEI1XYkq2PZmYsP0DRU7jg
個人認位這位老哥整理的已經很全面了，爲了方便查看我將裏面的一些集合腳本介紹圖片列了出來。

https://github.com/harleyQu1nn/AggressorScripts

https://github.com/bluscreenofjeff/AggressorScripts

https://github.com/michalkoczwara/aggressor_scripts_collection

https://github.com/vysec/Aggressor-VYSEC

https://github.com/killswitch-GUI/CobaltStrike-ToolKit

https://github.com/ramen0x3f/AggressorScripts

https://github.com/rasta-mouse/Aggressor-Script

https://github.com/Und3rf10w/Aggressor-scripts

https://github.com/001SPARTaN/aggressor_scripts

https://github.com/gaudard/scripts/tree/master/red-team/aggressor
https://github.com/branthale/CobaltStrikeCNA
https://github.com/threatexpress/aggressor-scripts https://github.com/threatexpress/red-team-scripts https://github.com/threatexpress/persistence-aggressor-script

https://github.com/FortyNorthSecurity/AggressorAssessor

腳本來源:

https://github.com/rsmudge/ElevateKit
https://github.com/vysec/CVE-2018-4878 https://github.com/harleyQu1nn/AggressorScripts https://github.com/bluscreenofjeff/AggressorScripts https://github.com/ramen0x3f/AggressorScripts
https://github.com/360-A-Team/CobaltStrike-Toolset https://github.com/ars3n11/Aggressor-Scripts https://github.com/michalkoczwara/aggressor_scripts_collection https://github.com/vysec/Aggressor-VYSEC
https://github.com/killswitch-GUI/CobaltStrike-ToolKit https://github.com/ZonkSec/persistence-aggressor-script https://github.com/ramen0x3f/AggressorScripts
https://github.com/rasta-mouse/Aggressor-Script https://github.com/RhinoSecurityLabs/Aggressor-Scripts https://github.com/Und3rf10w/Aggressor-scripts
https://github.com/Kevin-Robertson/Inveigh
https://github.com/Genetic-Malware/Ebowla https://github.com/001SPARTaN/aggressor_scripts https://github.com/gaudard/scripts/tree/master/red-team/aggressor https://github.com/branthale/CobaltStrikeCNA https://github.com/oldb00t/AggressorScripts https://github.com/p292/Phant0m_cobaltstrike https://github.com/p292/DDEAutoCS https://github.com/secgroundzero/CS-Aggressor-Scripts https://github.com/skyleronken/Aggressor-Scripts https://github.com/tevora-threat/aggressor-powerview https://github.com/tevora-threat/PowerView3-Aggressor https://github.com/threatexpress/aggressor-scripts https://github.com/threatexpress/red-team-scripts
https://github.com/threatexpress/persistence-aggressor-script https://github.com/FortyNorthSecurity/AggressorAssessor https://github.com/mdsecactivebreach/CACTUSTORCH https://github.com/C0axx/AggressorScripts https://github.com/offsecginger/AggressorScripts https://github.com/tomsteele/cs-magik https://github.com/bitsadmin/nopowershell https://github.com/SpiderLabs/SharpCompile https://github.com/SpiderLabs/SharpCompile https://github.com/realoriginal/reflectivepotato
還有很多很多我就不列出來了太麻煩了。

0x004-下載
本人常用擴展
鏈接：https://pan.baidu.com/s/19xoyAOfhsdnhx5CPoJEa-w
提取碼：byx2