COBALT STRIKE
Cobalt Strike is a penetration testing tool that allows attackers to deploy an agent named Beacon on the victim machine.
Field |
Type |
Description |
---|---|---|
services.cobalt_strike |
object |
|
services.cobalt_strike.x64 |
object |
|
services.cobalt_strike.x64.cookie_beacon |
unsigned_long |
|
services.cobalt_strike.x64.crypto_scheme |
unsigned_long |
|
services.cobalt_strike.x64.dns |
boolean |
|
services.cobalt_strike.x64.http_get |
object |
|
services.cobalt_strike.x64.http_get.client |
text |
|
services.cobalt_strike.x64.http_get.uri |
text |
|
services.cobalt_strike.x64.http_get.verb |
text |
|
services.cobalt_strike.x64.http_post |
object |
|
services.cobalt_strike.x64.http_post.client |
text |
|
services.cobalt_strike.x64.http_post.uri |
text |
|
services.cobalt_strike.x64.http_post.verb |
text |
|
services.cobalt_strike.x64.jitter |
unsigned_long |
|
services.cobalt_strike.x64.killdate |
unsigned_long |
|
services.cobalt_strike.x64.post_ex |
object |
|
services.cobalt_strike.x64.post_ex.x64 |
text |
|
services.cobalt_strike.x64.post_ex.x86 |
text |
|
services.cobalt_strike.x64.public_key |
text |
|
services.cobalt_strike.x64.sleep_time |
unsigned_long |
|
services.cobalt_strike.x64.ssl |
boolean |
|
services.cobalt_strike.x64.unknown_bytes |
object |
|
services.cobalt_strike.x64.unknown_bytes.key |
unsigned_long |
|
services.cobalt_strike.x64.unknown_bytes.value |
text |
|
services.cobalt_strike.x64.unknown_int |
object |
|
services.cobalt_strike.x64.unknown_int.key |
unsigned_long |
|
services.cobalt_strike.x64.unknown_int.value |
unsigned_long |
|
services.cobalt_strike.x64.user_agent |
text |
|
services.cobalt_strike.x64.watermark |
unsigned_long |
|
services.cobalt_strike.x86 |
object |
|
services.cobalt_strike.x86.cookie_beacon |
unsigned_long |
|
services.cobalt_strike.x86.crypto_scheme |
unsigned_long |
|
services.cobalt_strike.x86.dns |
boolean |
|
services.cobalt_strike.x86.http_get |
object |
|
services.cobalt_strike.x86.http_get.client |
text |
|
services.cobalt_strike.x86.http_get.uri |
text |
|
services.cobalt_strike.x86.http_get.verb |
text |
|
services.cobalt_strike.x86.http_post |
object |
|
services.cobalt_strike.x86.http_post.client |
text |
|
services.cobalt_strike.x86.http_post.uri |
text |
|
services.cobalt_strike.x86.http_post.verb |
text |
|
services.cobalt_strike.x86.jitter |
unsigned_long |
|
services.cobalt_strike.x86.killdate |
unsigned_long |
|
services.cobalt_strike.x86.post_ex |
object |
|
services.cobalt_strike.x86.post_ex.x64 |
text |
|
services.cobalt_strike.x86.post_ex.x86 |
text |
|
services.cobalt_strike.x86.public_key |
text |
|
services.cobalt_strike.x86.sleep_time |
unsigned_long |
|
services.cobalt_strike.x86.ssl |
boolean |
|
services.cobalt_strike.x86.unknown_bytes |
object |
|
services.cobalt_strike.x86.unknown_bytes.key |
unsigned_long |
|
services.cobalt_strike.x86.unknown_bytes.value |
text |
|
services.cobalt_strike.x86.unknown_int |
object |
|
services.cobalt_strike.x86.unknown_int.key |
unsigned_long |
|
services.cobalt_strike.x86.unknown_int.value |
unsigned_long |
|
services.cobalt_strike.x86.user_agent |
text |
|
services.cobalt_strike.x86.watermark |
unsigned_long |
Comments
0 comments
Article is closed for comments.