Cobalt Strike’s system profiler discovers which client-side applications your target uses, with version information.
Beacon is Cobalt Strike's payload to model an advanced actor. Beacon executes PowerShell scripts, logs keystrokes, takes screenshots, downloads files, and spawns other payloads.
Beacon’s network indicators are malleable. Load a C2 profile to look like another actor. Use HTTP, HTTPS, and DNS to egress a network. Use named pipes to control Beacons, peer-to-peer, over the SMB protocol.
Import a message and let Cobalt Strike replace links and text to build a convincing phish for you. Cobalt Strike sends email and tracks who clicks.
Use a Browser Pivot to go around two-factor authentication and access sites as your target.
Connect to a Cobalt Strike team server to share data, communicate in real-time, and control systems compromised during the engagement.