
Locked SourcePoint v2.2 - polymorphic C2 profile generator for Cobalt Strike C2s


itsMe


SourcePoint is a polymorphic C2 profile generator for Cobalt Strike C2s, written in Go. SourcePoint allows unique C2 profiles to be generated on the fly, which helps reduce our Indicators of Compromise (“IoCs”) and allows the operator to spin up complex profiles with minimal effort. This was done by extensively reviewing articles as well as patch notes to identify key functions and modifiable features. SourcePoint was designed with the intent of addressing the issue of how to make our C2 activity harder to detect, focusing on moving away from malicious IoCs to suspicious ones. The goal here is that it is harder to detect our C2 if our IoCs are not malicious in nature and require additional research to discover the suspicious nature. SourcePoint contains numerous different configurable options to choose from to modify your profile (in most cases, if left blank, SourcePoint will randomly choose them for you). The generated profiles modify all aspects of your C2. The goal of this project is to not only aid in circumventing detection-based controls but also help blend C2 traffic and activity into the environment, making said activity hard to detect.

Changelog v2.2

Huge shout out to Xenov-X for helping with these new features

New Features

    Added customuriGET and customuriPOST arguments
    Made valid SSL optional for custom profiles
    Added support for custom user agent

Bug Fixes

    Fixed some missing quotes in Peclone_list
    Fixed numerous errors with Custom Profiles
    Fixed missing quotes on struct variable
    Fixed issue with Spawnto option “pcaui.exe”
    Updated the README

