Cobalt Strike Infrastructure Downtime – March 2024
The Cobalt Strike download infrastructure will be down for a short while on Wednesday 13th March for routine maintenance. Work will begin around 15:00 GMT
Introducing the Mutator Kit: Creating Object File Monstrosities with Sleep Mask and LLVM
This is a joint blog written by William Burgess (@joehowwolf) and Henri Nurmi (@HenriNurmi). In our ‘Cobalt Strike and YARA: Can I Have Your Signature?’
Cobalt Strike Infrastructure Maintenance – January 2024
We will be making a small change to the Cobalt Strike infrastructure next week. This will not result in any downtime but will affect updates
Out of Band Update: Cobalt Strike 4.9.1
Cobalt Strike 4.9.1 is now available. This is an out of band update to fix an issue that was discovered in the 4.9 release that
Cobalt Strike 4.9: Take Me To Your Loader
Cobalt Strike 4.9 is now available. This release sees an overhaul to Cobalt Strike’s post exploitation capabilities to support user defined reflective loaders (UDRLs), the
Revisiting the User-Defined Reflective Loader Part 2: Obfuscation and Masking
This is the second installment in a series revisiting the User-Defined Reflective Loader (UDRL). In part one, we aimed to simplify the development and debugging
Core Impact Datasheet
Core Impact empowers organizations to proactively minimize risk and protect critical assets by using the same techniques as today’s threat actors to assess their infrastructure’s
Simplifying BOF Development: Debug, Test, and Save Your B(e)acon
Beacon Object Files (BOFs) were introduced in Cobalt Strike 4.1 in 2020. Since their release, BOFs have played a key role in post-exploitation activities, surpassing
Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places
This is a joint blog written by the Cobalt Strike and Outflank teams. It is also available on the Outflank site. Over the past few months
Advanced Red Team Bundle Datasheet
Core Impact, Cobalt Strike, and Outflank Security Tooling (OST) are three powerful security solutions that use the same techniques as today’s threat actors in order to safely evaluate