CobaltStrikeScan icon
CobaltStrikeScan icon

CobaltStrikeScan

Scan files or process memory for Cobalt Strike beacons and parse their configuration.

CobaltStrikeScan screenshot 1

Cost / License

  • Free
  • Open Source

Platforms

  • Windows
CobaltStrikeScan screenshot 1
Alternatives  
-
No reviews
0likes
0comments
1alternative
0news articles

Features

Suggest and vote on features
No features, maybe you want to suggest one?

 Tags

CobaltStrikeScan News & Activities

Highlights All activities

Recent activities

No activities found.

CobaltStrikeScan information

  • Developed by

    Apr4h

  • Licensing

    Open Source (MIT) and Free product.

  • Written in

  • Alternatives

    1 alternatives listed

  • Supported Languages

    • English

GitHub repository

  •  920 Stars
  •  118 Forks
  •  3 Open Issues
  •   Updated  
View on GitHub

Popular alternatives

View all
CobaltStrikeScan was added to AlternativeTo by Sam Lander on and this page was last updated .
No comments or reviews, maybe you want to be first?
Post comment/review

What is CobaltStrikeScan?

Scan files or process memory for Cobalt Strike beacons and parse their configuration.

CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and/or performs a YARA scan on the target process' memory for Cobalt Strike v3 and v4 beacon signatures.

Alternatively, CobaltStrikeScan can perform the same YARA scan on a file supplied by absolute or relative path as a command-line argument.

If a Cobalt Strike beacon is detected in the file or process, the beacon's configuration will be parsed and displayed to the console.

Official Links

AppStores & Other Links