MoveKit | Cobalt Strike kit for Lateral Movement
kandi X-RAY | MoveKit Summary
kandi X-RAY | MoveKit Summary
MoveKit is a C# library. MoveKit has no bugs, it has no vulnerabilities, it has a Strong Copyleft License and it has low support. You can download it from GitHub.
Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the execute_assembly function with the SharpMove and SharpRDP .NET assemblies. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a user will only need to load the MoveKit.cna aggressor script which will load all the other necessary scripts with it. Additionally, depending on actions taken the SharpMove and SharpRDP assemblies will need to be compiled and placed into the Assemblies directory. Finally, some of the file moving requires dynamic compiling which will require Mono. When loading the aggressor script there will be a selector loaded to the menubar named Move. There are multiple selections a user can select. First, users can select to execute a command on a remote system through WMI, DCOM, Task Scheduler, RDP, or SCM. Second, there is the Command execution mechanism which uses download cradles to grab and execute the files. Third, the File method drops a file on the system and executes it. There is Write File Only that does not do any execution, move data only. Finally, there is a Default settings to make using GUI faster and used with beacon commands. The default settings are used for anything that can accept a default. To use the beacon commands it will read the default settings and use a few command line arguments. A beacon command example: . Additionally, the custom pre built beacon command is a little bit different. Command example: move-pre-custom-file . The location field is the trickiest part of the project. When selecting WMI file movement location will be used, if SMB is selected then it will not be used (so it can be left empty). Location takes three different values. First, it location is a URL then when the payload is created it will be hosted by Cobalt Strike's web server. The beacon host where the assembly will be executed from will make a web request to the URL and grab the file, which will be used in an event sub on the target host to write the file. Second, if location is a Windows directory then it will upload the created file to the beacon host and the assembly will read it from the file system and store in the event sub to write to the remote host. Finally, if the location field is a linux path or the word local then it will dynamically compile the payload into the assembly being executed. However, if the file is above the 1MB file size limit then it will show an error. For all file methods the payload will be created through the aggressor script. However, if a payload is already created users can select to use the Custom (Prebuilt) option to move and execute it. The kit contains different file movement techniques, execution triggers, and payload types.
Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the execute_assembly function with the SharpMove and SharpRDP .NET assemblies. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a user will only need to load the MoveKit.cna aggressor script which will load all the other necessary scripts with it. Additionally, depending on actions taken the SharpMove and SharpRDP assemblies will need to be compiled and placed into the Assemblies directory. Finally, some of the file moving requires dynamic compiling which will require Mono. When loading the aggressor script there will be a selector loaded to the menubar named Move. There are multiple selections a user can select. First, users can select to execute a command on a remote system through WMI, DCOM, Task Scheduler, RDP, or SCM. Second, there is the Command execution mechanism which uses download cradles to grab and execute the files. Third, the File method drops a file on the system and executes it. There is Write File Only that does not do any execution, move data only. Finally, there is a Default settings to make using GUI faster and used with beacon commands. The default settings are used for anything that can accept a default. To use the beacon commands it will read the default settings and use a few command line arguments. A beacon command example: . Additionally, the custom pre built beacon command is a little bit different. Command example: move-pre-custom-file . The location field is the trickiest part of the project. When selecting WMI file movement location will be used, if SMB is selected then it will not be used (so it can be left empty). Location takes three different values. First, it location is a URL then when the payload is created it will be hosted by Cobalt Strike's web server. The beacon host where the assembly will be executed from will make a web request to the URL and grab the file, which will be used in an event sub on the target host to write the file. Second, if location is a Windows directory then it will upload the created file to the beacon host and the assembly will read it from the file system and store in the event sub to write to the remote host. Finally, if the location field is a linux path or the word local then it will dynamically compile the payload into the assembly being executed. However, if the file is above the 1MB file size limit then it will show an error. For all file methods the payload will be created through the aggressor script. However, if a payload is already created users can select to use the Custom (Prebuilt) option to move and execute it. The kit contains different file movement techniques, execution triggers, and payload types.
Support
Quality
Security
License
Reuse
Support
MoveKit has a low active ecosystem.
It has 559 star(s) with 110 fork(s). There are 16 watchers for this library.
It had no major release in the last 6 months.
There are 1 open issues and 0 have been closed. There are no pull requests.
It has a neutral sentiment in the developer community.
The latest version of MoveKit is current.
Quality
MoveKit has 0 bugs and 0 code smells.
Security
MoveKit has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
MoveKit code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.
License
MoveKit is licensed under the GPL-3.0 License. This license is Strong Copyleft.
Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.
Reuse
MoveKit releases are not available. You will need to build from source code and install.
Installation instructions are not available. Examples and code snippets are available.
MoveKit saves you 77 person hours of effort in developing the same functionality from scratch.
It has 199 lines of code, 0 functions and 7 files.
It has low code complexity. Code complexity directly impacts maintainability of the code.
Top functions reviewed by kandi - BETA
kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of MoveKit
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of MoveKit
MoveKit Key Features
No Key Features are available at this moment for MoveKit.
MoveKit Examples and Code Snippets
No Code Snippets are available at this moment for MoveKit.
Community Discussions
No Community Discussions are available at this moment for MoveKit.Refer to stack overflow page for discussions.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install MoveKit
You can download it from GitHub.
Support
For any new features, suggestions and bugs create an issue on GitHub.
If you have any questions check and ask questions on community page Stack Overflow .
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page