Didier Stevens

Sunday 21 November 2021

Update: 1768.py Version 0.0.10

Filed under: My Software,Update — Didier Stevens @ 0:00

This new version of 1768.py, my tool to analyze Cobalt Strike beacons, adds some small changes, like extra tests and defines more field names.

1768_v0_0_10.zip (https)
MD5: 603EFE48CF8740397562F65C9E22B648
SHA256: 67F2D59FCE9757B10FE4B50C7D7CD284D36AE21912A13531820AC0BDA8ABC0C1

3 Comments »

  1. […] Didier StevensUpdate: 1768.py Version 0.0.10 […]

    Pingback by Week 47 – 2021 – This Week In 4n6 — Sunday 21 November 2021 @ 12:44

  2. […] First we need to take a look at the beacon configuration with tool 1768.py: […]

    Pingback by Cobalt Strike: Decrypting DNS Traffic – Part 5 – NVISO Labs — Monday 29 November 2021 @ 11:14


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.