Home

Awesome

README

The Cobalt Strike 4.4 release introduced an optional file, TeamServer.prop, that contains a number of parameters that can be used to customize the settings used to validate screenshot and keylog callback data.

The Cobalt Strike 4.7.1 release introduced new settings for the maximum number of beacons, thresholds for new beacons and beacon XSS validation.

The file is not included by default and a warning appears if it cannot be found when the teamserver starts up, but the absence of the file does not break the teamserver.

This repository contains an example TeamServer.prop. We don't recommend that the defaults values are changed but if this is something that you want to do, simply copy the file into your Cobalt Strike directory and (re)start the teamserver.

Add a limit to the number of beacons allowed (spam protection).

Threshold rate for adding new beacons (spam protection). Add a limit to the number of new beacons added within a specified time period. When the limit is exceeded, disable accepting new beacons for the disable duration.

Perform XSS Validation on select new beacon metadata (spam protection).

Override the timestamp formatting pattern used for logfiles.

Override the timezone used for the log files