Didier Stevens

Monday 8 March 2021

Update: 1768.py Version 0.0.5

Filed under: My Software,Update — Didier Stevens @ 0:00

I updated the analysis logic in this new version of my tool 1768.py to analyze Cobalt Strike beacons.

There’s a new option -c (–csv) to output the config values in CSV format.

And now with option -r (–raw), identical configs are de-duplicated.

1768_v0_0_5.zip (https)
MD5: 83D7A867B93FAC13BA24F17DDA994A9A
SHA256: CBCB84B9C4D8C1ED05983C2A211E3EA6029E69782FDDD6E15181EE4F47383EB5

2 Comments »

  1. […] Didier StevensUpdate: 1768.py Version 0.0.5 […]

    Pingback by Week 11 – 2021 – This Week In 4n6 — Sunday 14 March 2021 @ 0:47

  2. […] parse-cs-http-traffic.py, 1768.py, pecheck.py and […]

    Pingback by Didier Stevens Videos — Sunday 18 April 2021 @ 12:09


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.