Blog That’ll never work–we don’t allow port 53 out One of my favorite Cobalt Strike features is its ability to quietly manage a compromised system with DNS. Being rather proud of this feature, I
Blog DNS Command and Control Added to Cobalt Strike Many networks are like sieves. A reverse TCP payload or an HTTP/S connection is all it takes to get out. Once in a while, you
Blog Cobalt Strike Updates 03.06.13 Just in time for this weekend’s North East Collegiate Cyber Defense Competition event, I have a fresh update to Armitage and Cobalt Strike. Here’s the
Blog My Software Development Practices: The Joel Test Joel Spolsky is one of my favorite writers on the topic of software development. He coined a 12-step Joel Test to determine if your company
Blog Cobalt Strike Boxed Set comes to ShmooCon It’s the middle of February, love is in the air, and… I’m busy preparing for my favorite hacker conference ShmooCon. This year, for the second
Blog Fresh Paint for the Java Applet Attack Java is a popular vector for penetration testers and those who penetrate networks without an invitation. An attacker creates a website to host a Java
Blog Keystroke Logging with Beacon I feel asynchronous low and slow C2 is a missing piece in the penetration tester’s toolkit. Beacon is Cobalt Strike’s answer to this problem. Beacon
Blog Two Years of Fast and Easy Hacking Today marks the two-year anniversary of the release of Armitage. My goal was to create a collaboration tool for exercise red teams. I wanted to show
Blog Advanced Threat Tactics Training I share a lot from my experiences playing on exercise red teams. I talk about the tactics to collaborate, persist on systems, and challenge network defenders
Blog Dirty Red Team Tricks II at Derbycon 2.0 Last year, I spoke on Dirty Red Team Tricks at Derbycon. This talk was a chance to share what I had used at the Collegiate