This is cs-analyze-processdump.py, my tool to analyze Cobalt Strike beacon process dumps, detecting and decoding sleep mode encoding.

cs-analyze-processdump_V0_0_2.zip (https)
MD5: 699C184AA60F741B6DD7CB8C05E12448
SHA256: 5E6C121783C9BC1A392AA4FEFD77D66709B0C8FB2F3E568D8538C6CD81C7B315

This is a bugfix version of cs-decrypt-metadata.py, my tool to decrypt Cobalt Strike metadata.

cs-decrypt-metadata_V0_0_3.zip (https)
MD5: BC42AF00F35FE8460E8AA23F2B54A84A
SHA256: 13C62A515D49CF8DEF4A866B069AFC47885B13CAB3703AA529C214B88FF576D3

This is a bug fix version.

base64dump_V0_0_18.zip (https)
MD5: C1D1FBED0E4C1A4703C56412611EF47D
SHA256: 3F46110F9A1750D2351EB7CE2278C1E61EE1C421E10ABB5EC5BFC28B0DA61285