cobalt_strike_extension_kit

Looking for an all in one for a lot of current tradecraft? Clone this.

I do not take credit for most of this work. A lot of this work was influenced by Outflank, Specter Ops (0xThirteen) Mainly, and seeing other Aggressor Script Repositories. The purpose of this was to aggregate Cobalt Strike supplements used during engagements.

For OPSec, you may want to provide your own binaries. The binaries provided may get flagged by A/V, but do work in lower maturity environments and Certification lab environments.

06/25/2020 - Added more tradecraft and made Extension Kit more workflow driven. Some items are mapped to Mitre - will expand on this in the future.

To-Do

Continue Expanding, try to implement more Offense In Depth e.g., multiple ways to do one thing.

With Offense In Depth, add items that reflect low security maturity and items that reflect higher level maturity to gauge clients. Also may be useful in purple team engagements when using various forms of tradecraft for example - kerberoast with powershell and kerberoast with rubeus

Improve Mitre Mapping to items

Usage
cd /opt/
git clone https://github.com/josephkingstone/cobaltstrike_extension_kit.git
Go to cobalt strike's script manager and load csek.cna

These Tools are not C#, but need to be incorporated into toolset

https://github.com/outflanknl/Spray-AD
https://github.com/outflanknl/Recon-AD
https://github.com/0x09AL/RdpThief
https://github.com/outflanknl/Ps-Tools