Support more Cobalt Strike C2 profiles #121
Labels
good first issue
This issue or pull request is well-defined and good for newcomers
improvement
This issue or pull request will add or improve functionality, maintainability, or ease of use
Comments
jsf9k
added
good first issue
8 tasks
jsf9k
added a commit
that referenced
this issue
May 27, 2021
jsf9k
added a commit
that referenced
this issue
May 28, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
💡 Summary
In #118 we add an
https-certificateblock to the Amazon and OCSP Cobalt Strike C2 profiles from rsmudge/Malleable-C2-Profiles. It would be a nice improvement to instead allow the user to provide a list of C2 profiles to which anhttps-certificateblock should be added; alternatively, the user could provide as an input one or more directories containing C2 profiles and we could add anhttps-certificateblock to each*.profilefiles in those directories.It also makes sense to allow the user to specify the location of the Java keystore.
Motivation and context
@dav3r mentioned in #118 that this would be a nice improvement to this repository. It would support a more general use case beyond just the Amazon and OCSP Cobalt Strike C2 profiles.
Acceptance criteria
add-https-certificate-block-to-cs-profiles.tpl.shtakes as an input a list of Cobalt Strike C2 profile files (or, alternatively, a list of directories containing such profiles) to which anhttps-certificateblock should be added.add-https-certificate-block-to-cs-profiles.tpl.shadds anhttps-certificateblock to each of the Cobalt Strike C2 profiles in the previous list item.add-https-certificate-block-to-cs-profiles.tpl.shtakes as an input the location of the Java keystore to be created.add-https-certificate-block-to-cs-profiles.tpl.shuses the Java keystore location when populating thehttps-certificateblocks in the Cobalt Strike C2 profiles.The text was updated successfully, but these errors were encountered: