kali.mirror.gtcomm.net · beef-xss_0.4.7.1.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.7.1.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.gtcomm.net · beef-xss_0.4.7.0.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.7.0.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.gtcomm.net · beef-xss_0.4.6.1+0~git1451447247.ce01d9.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.6.1+0~git1451447247.ce01d9.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.gtcomm.net · beef-xss_0.4.7.1.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.7.1.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.gtcomm.net · beef-xss_0.4.7.0.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.7.0.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.gtcomm.net · beef-xss_0.4.6.1+0~git1451447247.ce01d9.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

kali.mirror.globo.tech · beef-xss_0.4.6.1+0~git1451447247.ce01d9.orig.tar.gz

/kali/pool/main/b/beef-xss/

Canada · GTCOMM

Yara CobaltStrike_C2_Host_Indicator From Florian Roth by yara@s3c.za.net

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara WebShell__findsock_php_findsock_shell_php_reverse_shell From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

l.ocalho.st · tggsys.ps1

/.x/

Finland · Hetzner Online GmbH

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

l.ocalho.st · sys.ps1

/.x/

Finland · Hetzner Online GmbH

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

www.db.sector404.me · cobaltstrike_release.zip

/

United States · STEADFAST

Yara Mimikatz_Memory_Rule_1 From Florian Roth by Florian Roth

Yara CobaltStrike_Resources_Artifact32_v3_14_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Reverse_x64 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Artifact64_v3_14_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_Sct_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_x64_Ps1_v3_0_to_v4_x_excluding_3_12_3_13 From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Reverse_x86 From Florian Roth by Avast Threat Intel Team

Yara Msfpayloads_msf_6 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_RAW_Payload_http_stager_x64 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Covertvpn_Dll_v2_1_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_x86_Vba_v3_8_to_v4_x From Florian Roth by gssincla@google.com

Yara HKTL_CobaltStrike_Beacon_Strings From Florian Roth by Elastic

Yara CobaltStrike_Resources_Command_Ps1_v2_5_to_v3_7_and_Resources_Compress_Ps1_v3_8_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_https_stager_x64 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_dns_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Template_Py_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Bind_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_http_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_https_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_smb_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources__Template_Vbs_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Bind_x64 From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_NoPowerShell From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_Dotfuscator From AlienVault by ditekSHen

Yara ReflectiveLoader From Florian Roth by Florian Roth (Nextron Systems)

Yara CobaltStrike_Resources_Elevate_X64_Dll_v3_0_to_v3_14_and_Sleeve_Elevate_X64_Dll_v4_x From Florian Roth by gssincla@google.com

Yara INDICATOR_EXE_Packed_Fody From AlienVault by ditekSHen

Yara ps1_toolkit_PowerUp From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

Yara Invoke_mimikittenz From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_KeePassConfig From Florian Roth by Florian Roth (Nextron Systems)

Yara HackTool_MSIL_SAFETYKATZ_4 From Florian Roth by FireEye

Yara HackTool_MSIL_SEATBELT_1 From Florian Roth by FireEye

Yara Disable_Defender From AbuseCH by iam-py-test

Yara WiltedTulip_WindowsTask From Florian Roth by Florian Roth (Nextron Systems)

Yara NTLM_Dump_Output From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

db.sector404.me · cobaltstrike_release.zip

/

United States · STEADFAST

Yara Mimikatz_Memory_Rule_1 From Florian Roth by Florian Roth

Yara CobaltStrike_Resources_Artifact32_v3_14_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Reverse_x64 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Artifact64_v3_14_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_Sct_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_x64_Ps1_v3_0_to_v4_x_excluding_3_12_3_13 From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Reverse_x86 From Florian Roth by Avast Threat Intel Team

Yara Msfpayloads_msf_6 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_RAW_Payload_http_stager_x64 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Covertvpn_Dll_v2_1_to_v4_x From Florian Roth by gssincla@google.com

Yara CobaltStrike_Resources_Template_x86_Vba_v3_8_to_v4_x From Florian Roth by gssincla@google.com

Yara HKTL_CobaltStrike_Beacon_Strings From Florian Roth by Elastic

Yara CobaltStrike_Resources_Command_Ps1_v2_5_to_v3_7_and_Resources_Compress_Ps1_v3_8_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_https_stager_x64 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_dns_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources_Template_Py_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Bind_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_http_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_https_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara Cobaltbaltstrike_RAW_Payload_smb_stager_x86 From Florian Roth by Avast Threat Intel Team

Yara CobaltStrike_Resources__Template_Vbs_v3_3_to_v4_x From Florian Roth by gssincla@google.com

Yara Cobaltbaltstrike_RAW_Payload_TCP_Bind_x64 From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_NoPowerShell From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_Dotfuscator From AlienVault by ditekSHen

Yara ReflectiveLoader From Florian Roth by Florian Roth (Nextron Systems)

Yara CobaltStrike_Resources_Elevate_X64_Dll_v3_0_to_v3_14_and_Sleeve_Elevate_X64_Dll_v4_x From Florian Roth by gssincla@google.com

Yara INDICATOR_EXE_Packed_Fody From AlienVault by ditekSHen

Yara ps1_toolkit_PowerUp From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

Yara Invoke_mimikittenz From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_KeePassConfig From Florian Roth by Florian Roth (Nextron Systems)

Yara HackTool_MSIL_SAFETYKATZ_4 From Florian Roth by FireEye

Yara HackTool_MSIL_SEATBELT_1 From Florian Roth by FireEye

Yara Disable_Defender From AbuseCH by iam-py-test

Yara WiltedTulip_WindowsTask From Florian Roth by Florian Roth (Nextron Systems)

Yara NTLM_Dump_Output From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

mirror.freedif.org · veil_3.1.14.orig.tar.gz

/kali/pool/main/v/veil/

Singapore · MyRepublic Ltd.

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

cloud.tidning.eu · CEHv11 Module 06 System Hacking.zip

/books/CEH/

France · Free SAS

Yara Empire_Invoke_DllInjection From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen1 From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara Suspicious_PowerShell_WebDownload_1 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Install_SSP From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Out_Minidump From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_SecurityPackages From Florian Roth by Florian Roth (Nextron Systems)

Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_Portscan_Gen From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara HackTool_Samples From Florian Roth

89.197.154.115 · Empire-3.8.2.zip

/

United Kingdom · Virtual1 Limited

Yara SUSP_Netsh_PortProxy_Command From Florian Roth by Florian Roth (Nextron Systems)

Yara Suspicious_PowerShell_WebDownload_1 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_SecurityPackages From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Install_SSP From Florian Roth by Florian Roth (Nextron Systems)

Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

Yara p0wnedPotato From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_MetasploitPayload From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_DllInjection From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_ShellcodeMSIL From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara Invoke_SMBExec_Invoke_WMIExec_1 From Florian Roth by Florian Roth (Nextron Systems)

Yara TA17_293A_malware_1 From Florian Roth by US-CERT Code Analysis Team (modified by Florian Roth)

Yara Empire_Invoke_SSHCommand From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_PsExec From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_SmbScanner From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_SMBAutoBrute From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_Portscan_Gen From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Exploit_Jenkins From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Exploit_JBoss From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen1 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_PowerDump From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_dumpCredStore From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Out_Minidump From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_KeePassConfig From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_Keystrokes From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_PS1_PowerCat_Mar21 From Florian Roth by Florian Roth (Nextron Systems)

Yara ps1_toolkit_PowerUp From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_GPPPassword From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_EgressCheck From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_PostExfil From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_NET_GUID_UnmanagedPowerShell From Florian Roth by Arnim Rupp (https://github.com/ruppde)