Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/darkr4y/geacon
Practice Go programming and implement CobaltStrike's Beacon in Go
https://github.com/darkr4y/geacon
beacon cobaltstrike go golang reverse-engineering
Last synced: 3 days ago
JSON representation
Practice Go programming and implement CobaltStrike's Beacon in Go
- Host: GitHub
- URL: https://github.com/darkr4y/geacon
- Owner: darkr4y
- Created: 2020-02-14T14:01:29.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-10-02T10:34:37.000Z (about 4 years ago)
- Last Synced: 2024-11-21T21:21:43.136Z (20 days ago)
- Topics: beacon, cobaltstrike, go, golang, reverse-engineering
- Language: Go
- Size: 390 KB
- Stars: 1,149
- Watchers: 36
- Forks: 206
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-golang-repositories - geacon
- awesome-hacking-lists - darkr4y/geacon - Practice Go programming and implement CobaltStrike's Beacon in Go (Go)
README
# Geacon
**Using Go to implement CobaltStrike's Beacon**
----
*This project is for learning protocol analysis and reverse engineering only, if someone's rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY*
## How to play
1. Setup the teamserver and start a http lisenter, the teamserver will generate the file `.cobaltstrike.beacon_keys`.
2. Compile the BeaconTool with Jetbrains Idea, use command `java -jar BeaconTool.jar ` to convert java keystore to PEM format.
3. Replace the RSA key pair in the file `cmd/config/config.go` (the RSA private key is not required, I wrote it in the code just for the record)
4. Compile the geacon whatever platform you want to run: for example, use the command `export GOOS="darwin" && export GOARCH="amd64" && go build cmd/main.go` to compile an executable binary running on MacOS.
5. Having fun ! PR and issue is welcome ;)
6. Geacon has just been tested on CobaltStrike 3.14 and only support default c2profile, so many hardcode in the project and I will not try to implement more C2profile support at this moment.
7. Thanks for **[@xxxxxyyyy](https://github.com/xxxxxyyyy)**'s PR, And now Geacon supports **CobaltStrike 4.0**, please checkout the branch `4.0` to compile.
8. Geacon's branch `master` supports **CobaltStrike 4.1**, currently available functions include: executing commands, uploading, downloading, file browser, switching the current working directory, and exiting the current process.
9. Geacon only focuses on protocol analysis, but if you want to experience more features, you can use another project of our partners, check out **[CrossC2](https://github.com/gloxec/CrossC2)** now!## Screenshot
Get the Geacon's command execution results on Linux.
![login](https://github.com/darkr4y/geacon/raw/master/screenshots/sc.png)## Protocol analysis
To be continued, I will update as soon as I have time ...
## Todo
1. ~~Support CobaltStrike 4.x~~
2. Fix the OS icon issue in session table
3. String encoding issue*_DarkRay@RedCore*