Java Signed Applet Attack

This tool is available through Attacks -> Web Drive-by -> Signed Applet Attack. This attack starts a Cobalt Strike web server hosting a self-signed Java applet. Visitors are asked to give the applet permission to run. When a visitor grants this permission, you gain access to their system.

Set the URI Path and Port to configure the webserver.

Press Launch to start the attack.

Check Enable SSL to serve this content over SSL. This option is available when you specify a valid SSL certificate in your Malleable C2 profile.

Signing Cobalt Strike's Applet Attack

Cobalt Strike's Java Signed Applet attack is not effective without a valid code signing certificate. This tutorial shows how to sign Cobalt Strike's Java Signed Applet attack with your own code signing certificate.