{"version":1,"pages":[{"id":"-MDZyrMvy9YijTbbXwM2","title":"前言","pathname":"/cobalt-strike","siteSpaceId":"sitesp_H5c5U","description":"文档迁移到新版gitbook旧版废弃以删除"},{"id":"-MDZyx9XV97wKyqw4GQO","title":"目录","pathname":"/cobalt-strike/mu-lu","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDZyx9YWKYE1N7-q5Te","title":"Cobalt Strike简介","pathname":"/cobalt-strike/cobalt-strikejian-jie","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDZyx9ZyTqWu0DmefUy","title":"Cobalt Strike基本使用","pathname":"/cobalt-strike/cobalt-strikeji-ben-shi-yong","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDnCtxKPVOsP0C2hLBU","title":"界面功能介绍","pathname":"/cobalt-strike/cobalt-strikeji-ben-shi-yong/jie-mian-gong-neng-jie-shao","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike基本使用"}]},{"id":"-MDocVt-dRSCZ6YnfzE8","title":"CS4.0功能演示","pathname":"/cobalt-strike/cobalt-strikeji-ben-shi-yong/cs4.0-gong-neng-yan-shi","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike基本使用"}]},{"id":"-MECSLI8xdMm85TN_eeS","title":"监听器（Listener）","pathname":"/cobalt-strike/cobalt-strikeji-ben-shi-yong/jian-ting-qi-listener","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike基本使用"}]},{"id":"-MDZyx9aCr5_I3g6faBQ","title":"Cobalt Strike Beacon命令","pathname":"/cobalt-strike/cobalt-strikemo-kuai-jie-shao","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDZyx9bO7jG8vOX6SKx","title":"Cobalt Strike脚本使用","pathname":"/cobalt-strike/cobalt-strikejiao-ben-shi-yong","siteSpaceId":"sitesp_H5c5U","description":"本页是原3.x的时候写的，到现在为止3.x和4.x有小部分函数不兼容不过大部分都没问题通用，日后有时间在补上"},{"id":"-MDZyx9i3OQMmE7VBZT8","title":"Cobalt Strike脚本编写","pathname":"/cobalt-strike/cobalt-strikejiao-ben-bian-xie","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDz1voI5E1j6JujeVoH","title":"aggressor-script文档翻译","pathname":"/cobalt-strike/cobalt-strikejiao-ben-bian-xie/aggressorscript-wen-dang-fan-yi","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike脚本编写"}]},{"id":"-MDZyx9jvxZDllOx18vp","title":"ArtifactPayloadGenerator.cna脚本bug修复","pathname":"/cobalt-strike/cobalt-strikejiao-ben-bian-xie/artifactpayloadgeneratorcnajiao-ben-bug-xiu-fu","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike脚本编写"}]},{"id":"-MDZyx9kq1RSvaQ96mBN","title":"COM劫持利用脚本编写","pathname":"/cobalt-strike/cobalt-strikejiao-ben-bian-xie/comjie-chi-li-yong-jiao-ben-bian-xie","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike脚本编写"}]},{"id":"-MFo-WkTUCe-MfGFtBwK","title":"TODO","pathname":"/cobalt-strike/cobalt-strikejiao-ben-bian-xie/todo","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike脚本编写"}]},{"id":"-MDZyx9cCWu0HlaNcjbO","title":"Cobalt Strike扩展","pathname":"/cobalt-strike/cobalt-strikekuo-zhan","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDZyx9dV7Lgmj-0gd3C","title":"Malleable C2","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/malleable-c2","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MDZyx9eu94WgWcHYwZH","title":"External C2","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/external-c2","siteSpaceId":"sitesp_H5c5U","description":"这东西其实依靠的就是SMB Beacon payload","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MDZyx9fZycFue1oh704","title":"CS证书相关","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/csmo-ren-duan-53e3-zheng-4e66-za-xiang","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MDZyx9g5m4wvfPXyLoM","title":"CS Beacon和监听器","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/cs-beaconhe-jian-ting-qi","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MErx8QktxErtxxQrwm_","title":"转发重定向","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/dai-xie","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MErx8qtgdswyajbpgDQ","title":"CDN代理转发","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/dai-xie-1","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MFVWe_CgErRa-Nxk7Zr","title":"CDN与转发器","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/dai-xie-3","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MKIvOjv4DOxd9Khhzd2","title":"CS部分功能启用","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/cs-bu-fen-gong-neng-qi-yong","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MM4r_mI0ZtWXyIClOGK","title":"CS检测工具CobaltStrikeScan绕过","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/cs-jian-ce-gong-ju-cobaltstrikescan","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MErx9NHJpQCYzFDPk45","title":"联动Core impact","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/dai-xie-2","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"hCVu9Rq8MImCPN8xyp1S","title":"一些注意事项和Tips","pathname":"/cobalt-strike/cobalt-strikekuo-zhan/yi-xie-zhu-yi-shi-xiang-he-tips","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike扩展"}]},{"id":"-MDz2C2cFZvzoNnvpG8w","title":"Cobalt Strike原理介绍","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-MDz2R8eE_BvJtSMt29a","title":"介绍","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MFYg020wKRaO9diDIY5","title":"Payload生成分析","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/payload-sheng-cheng","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MeODl65E2pxpqveTBCC","title":"Payload生成分析后续补充","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/payload-sheng-cheng-fen-xi-hou-xu-bu-chong","siteSpaceId":"sitesp_H5c5U","description":"本章节是对上一个章节Payload生成分析的补充内容","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MF_hMV6IxKW3crnLtSd","title":"Stager Payload原理分析","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-1","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_nM-oPh-8svvUTANG","title":"Beacon加载执行过程","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/beacon-jia-zai-zhi-hang-guo-cheng","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MHGqgx22bmQA7k9GQsX","title":"进程参数欺骗原理","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/can-shu-qi-pian","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MHZvHALSwEUwEVlGaB2","title":"CS登录通信分析","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-2","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_ibIOaEcAs86mph3u","title":"CS Beacon通信分析","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/cs-mu-biao-shang-xian-guo-cheng","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MI7A9xxJZFHhmGqkMic","title":"内存加载分析（cs模块）","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-5","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_igz-AkCXkB1P3Kk8","title":"Beacon Object File(BOF实现原理)","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-3","siteSpaceId":"sitesp_H5c5U","description":"（注：本文不是讲解BOF代码开发和使用而是讲解BOF实现原理）","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_nZuWqWRuSZe4AZXD","title":"Beacon dll Hollowing","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/beacon-dll-hollowing","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_nIGJy_52z10UtjJo","title":"Beacon动态内存加密","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/beacon-nei-cun-hun-xiao","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MH_oxR5FGVxhhBPFg4I","title":"第三方客户端实现","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-4","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MJAMihzq8fbcRryIVUi","title":"Beacon完整流程分析","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-4/xiang-guan-xiang-mu-fen-xi","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"},{"label":"第三方客户端实现"}]},{"id":"1TqDqYSlEU2HyDQtoekM","title":"TODO","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-4/todo","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"},{"label":"第三方客户端实现"}]},{"id":"WrQaDHgy5xglCfGWGjog","title":"TODO","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-4/todo-1","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"},{"label":"第三方客户端实现"}]},{"id":"-MJAMPw5vYDfbhp0_GxY","title":"Beacon跨平台移植","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/untitled-4/beacon-payload-linux-yi-zhi","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"},{"label":"第三方客户端实现"}]},{"id":"-MFo-WkYcFF3AzncYaEj","title":"TODO","pathname":"/cobalt-strike/cobalt-strike-yuan-li-jie-shao/dai-xie","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike原理介绍"}]},{"id":"-MDz2ZjtDCYUfEi1JwGK","title":"Cobalt Strike攻击防御","pathname":"/cobalt-strike/cobalt-strike-gong-ji-fang-yu","siteSpaceId":"sitesp_H5c5U","description":""},{"id":"-Mie8TimtKqlrnxSMAox","title":"关于BeaconEye里的一点小bug","pathname":"/cobalt-strike/cobalt-strike-gong-ji-fang-yu/untitled-1","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike攻击防御"}]},{"id":"-MFo-Wk_ZLNNfVNSd8lT","title":"防御Demon","pathname":"/cobalt-strike/cobalt-strike-gong-ji-fang-yu/untitled","siteSpaceId":"sitesp_H5c5U","description":"","breadcrumbs":[{"label":"Cobalt Strike攻击防御"}]},{"id":"-MDZyx9l_-qj_p3ByrLs","title":"说明","pathname":"/cobalt-strike/cobalt-strike313han-hua-ban-xiu-gai-ban","siteSpaceId":"sitesp_H5c5U","description":""}]}