Cobalt Strike is a threat emulation tool which simulates adversarial post-exploitation scenarios and supports Red Team operations. Replicate the tactics of a long-term embedded threat actor using a post-exploitation agent, Beacon, and Malleable C2, a command and control program that enables modification of network indicators to blend in with traffic and look like different malware.
Cobalt Strike is ideal for many types of security tests and its reach can be further extended by pairing it with other tools. Cobalt Strike is available individually as well as part of a bundle with Core Impact, a powerful penetration testing tool that can help to assess an organization’s defensive posture. With this bundle, you can provide additional insights to help bolster security and benefit from interoperability features like session passing and tunneling capabilities. Cobalt Strike can also be bundled with Outflank Security Tooling (OST), an evasive red teaming toolset that have been explicitly developed to bypass defensive measures and detection tools. OST seamlessly integrates directly with Cobalt Strike through BOFs and reflective DLL loading techniques, extending the reach of both tools to simplify complex technical tasks and increase efficiency.
What is included in my Cobalt Strike License?
Every Cobalt Strike license comes with:
Post Exploitation – Execute PowerShell script, log keystrokes, take screenshots, download files, and spawn other payloads using Cobalt Strike’s custom agent.
Browser Pivoting – Bypass two-factor authentication using a man-in-the-browser attack.
Shared Sessions – Log onto the server along with other Red Teamers for collaborative engagements.
Reporting and Logging – Generate multiple reports for data synthesis and further analysis.
Advanced Adversary Simulation – Emulate an embedded attacker using asynchronous “low and slow” communication to stay undetected.
Intelligence Gathering – Gather client-side reconnaissance using Cobalt Strike’s System Profiler.
Flexible Framework – Alter Cobalt Strike’s built-in Attack Kits to suit your needs, or browse the Community Kit to add on tools and scripts made by other users.
Pricing Packages
Cobalt Strike can be purchased on its own or as part of a bundle with our penetration testing solution, Core Impact, for a reduced price.
The chart below reflects US-only pricing.
Cobalt Strike |
Annual License as low as $3,540* |
BUY NOW |
|
* When bundled with other offensive security products. |
|
Core Impact |
|
|
|
| TESTS |
| Network Testing
|
|
|
|
| Client Side Testing
|
|
|
|
| Web Application Testing
|
|
|
|
| Wifi/Mobile Testing
|
|
|
|
| Add-On Exploit Pack Integration
|
|
|
|
| FEATURES |
| Interoperability with Cobalt Strike
|
|
|
|
| Rapid Penetration Tests
|
|
|
|
| Test Modules
|
|
|
|
| Reporting
|
|
|
|
| Integrations
|
|
|
|
| Remote Exploitation
|
|
|
|
| Unlimited IP Testing Scope
|
|
|
|
| Pivoting
|
|
|
|
| Post-Exploitation
|
|
|
|
| CloudCypher Access
|
|
|
|
| Web Interface
|
|
|
|
| REST API
|
|
|
|
| Teaming Capabilities
|
|
|
|
| Support
|
Customer Portal and email support |
Customer Portal and email support |
Phone, Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
|
|
Cobalt Strike |
Annual License as low as $3,540 *BUY NOW |
| * When bundled with other offensive security products. |
|
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Phone, Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Interested in Cobalt Strike?
Discuss pricing and get any questions answered by talking to one of our experts.