27
GitHub - outflanknl/Zipper: Zipper, a CobaltStrike file and folder compression u...
source link: https://github.com/outflanknl/Zipper
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
Zipper, a CobaltStrike file and folder compression utility.
This CobaltStrike tool allows Red teams to compress files and folders from local and UNC paths. This could be useful in situations where large files or folders need to be exfiltrated. After compressing a file or folder a random named zipfile is created within the user temp folder.
Usage:
Download the Zipper folder and load the Zipper.cna script within the Cobalt Strike Script Manager.
Syntax within beacon context: zipper [Full/UNC path]
This project is written in C using Visual Studio 2015.
You can use Visual Studio to compile the reflective dll from source.
Note to Blue Teams/Hunters/Defenders:
Lookout for random named zipfiles being created within user temp folders by non file-compression related processes.
Acknowledgments
zlib Compression Library: written by Mark Adler and Jean-loup Gailly.
Gilles Vollant: developer of Minizip, which this tool is based on.
Credits
Author: Cornelis de Plaa (@Cneelis) / Outflank
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK