CCob / BeaconEye

Hunts out CobaltStrike beacons and logs operator command output

Cobalt Strike 4.3 Failed to scan 64-bit beacon #1

Open wuyoukm opened 2 years ago

wuyoukm commented 2 years ago

Cobalt Strike 4.3 Failed to scan 64-bit beacon

CCob commented 2 years ago

Do you have the malleable profile available, or any other details you could share?

ghost commented 2 years ago

How to use the -m option, please? Should I do -m PID of beacon, or name of exe? Because until now I have got 3 beacons with 60s sleep time not detected at all with a publicly available malleable C2.

CCob commented 2 years ago

Just -m on its own with no args. It will monitor all processes found. If it's not being detected, -m won't help you though. There is a bug in the heap enumeration where some memory is missed in the scanning stage. I haven't fixed this yet, but hope to push something later this evening that I hope will solve some missed detections.

CCob commented 2 years ago

Are you able to try with the latest commit?