Pybeacon : A Collection Of Scripts For Dealing With Cobalt Strike Beacons In Python

PyBeacon is a collection of scripts for dealing with Cobalt Strike’s encrypted traffic. It can encrypt/decrypt beacon metadata, as well as parse symmetric encrypted taskings.

Scripts Included

There is a small library which includes encryption/decoding methods, however some example scripts are included.

  • stager-decode.py – this tool will simply decode a beacon DLL from a stager URL (you can use it to extract the public key).
  • register.py – this tool deals with RSA encrypted metadata and can register a new (fake) beacon on a target Teamserver.
  • tasktool.py – this tool deals with AES encrypted taskings to/from the teamserver. Use it to send callbacks to the teamserver, or for decoding taskings from a Teamserver to the beacon.
  • cs-3-5-rce.py – This is an implementation of the exploit used to exploit CS < 3.5-hf1, which was used in the wild to hack Cobalt Strike servers. It works by registering a beacon with a directory traversal in the IP address field. It then subsequently registers a download callback which causes the “download” to be uploaded anywhere on the target file system. The ITW exploit used a cronjob to achieve RCE.

TODO

  • Add more task types to the task decoding logic
  • Add decoding for beacon taskings. At the moment some “generic” logic is used, but it’s not really helpful
R K

Recent Posts

How to Use the Windows Registry to optimize and control your PC.

The Windows Registry Editor lets you easily view and control critical Windows system and application…

1 hour ago

MQTT Security: Securing IoT Communications

In the rapidly expanding Internet of Things (IoT) ecosystem, billions of devices are constantly exchanging…

9 hours ago

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

1 week ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

3 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

3 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

3 weeks ago