├── .gitignore ├── Main.cna ├── Persistence ├── EasyPersistent.cna └── Modules │ ├── AdUserApi │ └── HaryyUser.exe │ ├── Exitservice │ └── uinit.exe │ ├── FileControler │ ├── FileControler_x64.dll │ └── FileControler_x86.dll │ ├── Msdtc32 │ └── reflective_dll.dll │ ├── Netapi32 │ ├── api.dll │ └── reflective_dll.dll │ ├── RdpEnable │ ├── SetRdpPort.ps1 │ └── reflective_dll.dll │ ├── Services │ ├── TransitEXE.exe │ └── reflective_dll.dll │ ├── ShadowUser │ └── scvhost.exe │ ├── StartUp │ └── reflective_dll.dll │ ├── Task_Scheduler │ └── reflective_dll.dll │ └── Wmi │ └── Wmi_Persistence.ps1 ├── PrivilegeEscalation ├── CVE_2020_0787.cna ├── CVE_2020_0796_CNA_4.2.cna └── ReflectionDLL │ ├── CVE_2020_0787_x64.dll │ ├── CVE_2020_0787_x86.dll │ └── CVE_2020_0796_x64.dll ├── README.md ├── Supports ├── beacon_notify.cna └── beacon_output_ps.cna └── img ├── AddUser.png ├── AddUser_api.png ├── Easy.gif └── service.gif /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/.gitignore -------------------------------------------------------------------------------- /Main.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Main.cna -------------------------------------------------------------------------------- /Persistence/EasyPersistent.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/EasyPersistent.cna -------------------------------------------------------------------------------- /Persistence/Modules/AdUserApi/HaryyUser.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/AdUserApi/HaryyUser.exe -------------------------------------------------------------------------------- /Persistence/Modules/Exitservice/uinit.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Exitservice/uinit.exe -------------------------------------------------------------------------------- /Persistence/Modules/FileControler/FileControler_x64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/FileControler/FileControler_x64.dll -------------------------------------------------------------------------------- /Persistence/Modules/FileControler/FileControler_x86.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/FileControler/FileControler_x86.dll -------------------------------------------------------------------------------- /Persistence/Modules/Msdtc32/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Msdtc32/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/Netapi32/api.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Netapi32/api.dll -------------------------------------------------------------------------------- /Persistence/Modules/Netapi32/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Netapi32/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/RdpEnable/SetRdpPort.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/RdpEnable/SetRdpPort.ps1 -------------------------------------------------------------------------------- /Persistence/Modules/RdpEnable/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/RdpEnable/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/Services/TransitEXE.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Services/TransitEXE.exe -------------------------------------------------------------------------------- /Persistence/Modules/Services/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Services/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/ShadowUser/scvhost.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/ShadowUser/scvhost.exe -------------------------------------------------------------------------------- /Persistence/Modules/StartUp/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/StartUp/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/Task_Scheduler/reflective_dll.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Task_Scheduler/reflective_dll.dll -------------------------------------------------------------------------------- /Persistence/Modules/Wmi/Wmi_Persistence.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Persistence/Modules/Wmi/Wmi_Persistence.ps1 -------------------------------------------------------------------------------- /PrivilegeEscalation/CVE_2020_0787.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/PrivilegeEscalation/CVE_2020_0787.cna -------------------------------------------------------------------------------- /PrivilegeEscalation/CVE_2020_0796_CNA_4.2.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/PrivilegeEscalation/CVE_2020_0796_CNA_4.2.cna -------------------------------------------------------------------------------- /PrivilegeEscalation/ReflectionDLL/CVE_2020_0787_x64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/PrivilegeEscalation/ReflectionDLL/CVE_2020_0787_x64.dll -------------------------------------------------------------------------------- /PrivilegeEscalation/ReflectionDLL/CVE_2020_0787_x86.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/PrivilegeEscalation/ReflectionDLL/CVE_2020_0787_x86.dll -------------------------------------------------------------------------------- /PrivilegeEscalation/ReflectionDLL/CVE_2020_0796_x64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/PrivilegeEscalation/ReflectionDLL/CVE_2020_0796_x64.dll -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/README.md -------------------------------------------------------------------------------- /Supports/beacon_notify.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Supports/beacon_notify.cna -------------------------------------------------------------------------------- /Supports/beacon_output_ps.cna: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/Supports/beacon_output_ps.cna -------------------------------------------------------------------------------- /img/AddUser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/img/AddUser.png -------------------------------------------------------------------------------- /img/AddUser_api.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/img/AddUser_api.png -------------------------------------------------------------------------------- /img/Easy.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/img/Easy.gif -------------------------------------------------------------------------------- /img/service.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yanghaoi/CobaltStrike_CNA/HEAD/img/service.gif --------------------------------------------------------------------------------