{"id":18555362,"url":"https://github.com/0x727/aggressorscripts_0x727","last_synced_at":"2025-04-09T23:32:16.377Z","repository":{"id":50418462,"uuid":"392561191","full_name":"0x727/AggressorScripts_0x727","owner":"0x727","description":"Cobalt Strike AggressorScripts For Red Team","archived":false,"fork":false,"pushed_at":"2021-08-04T08:07:21.000Z","size":49552,"stargazers_count":154,"open_issues_count":1,"forks_count":26,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-03-24T13:44:07.021Z","etag":null,"topics":["cobaltstrike-cna","readteaming","redteam"],"latest_commit_sha":null,"homepage":"https://0x727.github.io/AggressorScripts_0x727/","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0x727.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-08-04T05:28:46.000Z","updated_at":"2025-01-20T01:52:43.000Z","dependencies_parsed_at":"2022-07-31T17:48:56.858Z","dependency_job_id":null,"html_url":"https://github.com/0x727/AggressorScripts_0x727","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FAggressorScripts_0x727","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FAggressorScripts_0x727/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FAggressorScripts_0x727/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FAggressorScripts_0x727/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0x727","download_url":"https://codeload.github.com/0x727/AggressorScripts_0x727/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248129911,"owners_count":21052659,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cobaltstrike-cna","readteaming","redteam"],"created_at":"2024-11-06T21:26:17.773Z","updated_at":"2025-04-09T23:32:11.356Z","avatar_url":"https://github.com/0x727.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Aggressor Scripts\n\n[English](./README.md) | [中文简体](./README_zh.md)\n\n\n| Category | Instruction |\n| ---- | --- |\n| Author | [Rvn0xsy](https://github.com/Rvn0xsy) | \n| Team | [0x727](https://github.com/0x727) Open source tools will continue for some time to come |\n| Position | This project integrates multiple AggressorScripts and multiple PE files to form a CNA-only toolkit, which needs to be loaded on Cobalt Strike for browsing capabilities and rapid penetration.|\n| Language | Aggressor Script、C++、C# |\n| Function | Support red team penetration testing in multiple scenarios of Cobalt Strike | \n\n\n\n## What is Aggressor Scripts ?\n\n[Aggressor Script](https://cobaltstrike.com/aggressor-script/index.html) is the scripting language built into Cobalt Strike, version 3.0, and later. Aggresor Script allows you to modify and extend the Cobalt Strike client.\n\n## Why Aggressor Scripts ?\n\nAggressor Script is the scripting language built into Cobalt Strike, version 3.0, and later. Aggresor Script allows you to modify and extend the Cobalt Strike client.\n\n## Quick start Installation\n\n**Download Install**\n\nDownload [Release](https://github.com/0x727/AggressorScripts_0x727/releases) Zip File.\n\n**Git Download**\n\n```bash\n$ git clone https://github.com/0x727/AggressorScripts_0x727\n```\n\n## Usage example\n\n\nPlease follow the [Cobalt Strike Aggressor Script](https://cobaltstrike.com/aggressor-script/index.html) documentation\n\n\u003e Users need to understand the basic concepts of Cobalt Strike Aggressor Script\n\n\n## CHANGE LOG\n\n\n**2020/01/08**\n\n- Support Pass-The-Hash(PTH)\n- Support DcSync\n- Support Clone User\n- Support Mimikatz logonPasswords\n- Support Mimikatz Skeleton\n- Support Dump krbtgt Hash\n- Support Create Golden ticket\n- Support Impersonate Process Token\n\n**2020/01/08**\n\n- Support [Frp](https://github.com/fatedier/frp) Config\n- Support Dump Navicat Passwords\n- Support Dump Browser Passwords\n\n**2020/07/07**\n\n- Support PrintSpool local privilege escalation\n- Support [atexec](https://payloads.online/archivers/2020-06-28/1)\n- Support SpwanReflectiveC2\n- Support DingDing Robot (MacOS,Windows 10,Linux)\n- Fix several Powershell script loading problems\n\n**2020/07/10**\n\n- Update the reflection DLL derived from Aliyun C2\n\n\u003e Since Cobaltstrike 4.0 has a problem with judging the number of processes, temporarily use the x86 test to pass\n\n**2020/03/11**\n\n- [Support DingDing robot reminder](./DingPack/DIngPack.cna)\n\n\n### Mimikatz\n\n- Support Pass-The-Hash(PTH)\n- Support DcSync\n- Support Clone User\n- Support Mimikatz logonPasswords\n- Support Mimikatz Skeleton\n- Support Dump krbtgt Hash\n- Support the creation of Golden ticket\n- Support for listing access tokens, access token privilege elevation, and access token counterfeiting\n- One-click execution Dump lsass.exe\n- One-click execution Lazagne.exe\n- One-click execution Dump Navicat Passwords\n- One-click execution Bloodhund Powershell\n- One-click execution Bloodhund C#\n\n\n![](images/2020-01-08-17-00-32.png)\n\n\n### Procdump \u0026\u0026 Lazagne \u0026\u0026 Navicat\n\n- One-click execution Dump lsass.exe\n- One-click execution [Lazagne](https://github.com/AlessandroZ/LaZagne)\n- One-click execution Dump Navicat Passwords\n\n![](images/2020-01-08-17-02-13.png)\n\n![](images/2020-01-08-17-40-51.png)\n\n**Lazagne.exe file bottleneck, need to wait**\n\n### Bloodhound\n\n- One-click execution [Bloodhound](https://github.com/BloodHoundAD/BloodHound) Powershell\n- One-click execution Bloodhound C#\n\n![](images/2020-01-08-17-03-57.png)\n\n\n## Key technology\n\n- [Cobalt Strike Aggressor Script （第一课）](https://payloads.online/archivers/2020-03-02/4)\n- [Cobalt Strike Aggressor Script （第二课）](https://payloads.online/archivers/2020-03-02/5)\n- [通过反射DLL注入来构建后渗透模块（第一课）](https://payloads.online/archivers/2020-03-02/1)\n- [如何实现一个Atexec](https://payloads.online/archivers/2020-06-28/1)\n- [如何实现一个Psexec](https://payloads.online/archivers/2020-04-02/1)\n\n\n## Contributing\n\nInterested in getting involved? We would like to help you!\n\n* Take a look at our [issues list](https://github.com/0x727/AggressorScripts_0x727/issues) and consider sending a Pull Request to **dev branch**.\n* If you want to add a new feature, please create an issue first to describe the new feature, as well as the implementation approach. Once a proposal is accepted, create an implementation of the new features and submit it as a pull request.\n* Sorry for my poor English. Improvements for this document are welcome, even some typo fixes.\n* If you have great ideas, email 0x727Team@gmail.com.\n\n## Stargazers over time\n\n[![Stargazers over time](https://starchart.cc/0x727/AggressorScripts_0x727.svg)](https://github.com/0x727/AggressorScripts_0x727)\n\n\n## Thanks for these open source projects\n\n- [LaZagne](https://github.com/AlessandroZ/LaZagne)\n- [Mimikatz](https://github.com/gentilkiwi/mimikatz)\n- [Bloodhound](https://github.com/BloodHoundAD/BloodHound)\n- [PowerSploit](https://github.com/PowerShellMafia/PowerSploit)\n- [frp](https://github.com/fatedier/frp)\n- [BrowserGhost](https://github.com/QAX-A-Team/BrowserGhost)\n- [Ladon](https://github.com/k8gege/Ladon)\n- ...","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x727%2Faggressorscripts_0x727","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0x727%2Faggressorscripts_0x727","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x727%2Faggressorscripts_0x727/lists"}