The #1 Trait of a Successful Hacker
For some people, programming comes naturally to them. For others, it’s a struggle or something that doesn’t click with the way they think. The same
Cobalt Strike 1.49 – HTTP Proxy Authentication? No Problem.
I spend a lot of time on the road in March and April—using my tools. During these months, I take careful notes of the usability
What happens when I type getsystem?
Meterpreter’s getsystem command is taken for granted. Type getsystem and magically Meterpreter elevates you from a local administrator to the SYSTEM user. What’s really happening
Listeners: Cobalt Strike’s Glue Feature
Listeners are Cobalt Strike’s abstraction in front of the Metasploit Framework’s payload handlers. A handler is the exploit/multi/handler module. This module sets up a server that
Cobalt Strike 03.13.14 – NECCDC Edition
I’m writing this from a New Hampshire Bed and Breakfast where I’ve apparently received the Jacuzzi suite. I’m here for a romantic weekend running psexec
Cobalt Strike 02.27.14 – Details Matter
Cobalt Strike 1.48 (02.27.14) is now available. This release is the byproduct of a very intense development cycle. The theme of this release is: details
Modifying Metasploit’s Stager Shellcode
If you’ve ever had to change a module in the Metasploit Framework, you know the go to place is the modules/ directory off of the
Four Levels of Hacking Sophistication with Beacon
Beacon is Cobalt Strike’s payload for red team actions. Beacon is a stable lifeline that can serve as a communication layer. Meterpreter is a fantastic post-exploitation agent
Cobalt Strike 01.08.14 – EXE Artifacts: A New Hope
Cobalt Strike has always exposed the Metasploit Framework’s tool to generate executables. Unfortunately, these executables are caught by anti-virus products. I’ve had a lot of
Man-in-the-Browser Session Hijacking
Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker