Offensive Security: Advanced Bundle
Core Impact and Cobalt Strike represent two distinct, yet complementary approaches to security assessment. Core Impact is an automated pen testing tool that focuses on
Cobalt Strike Datasheet
Cobalt Strike is a standard-setting adversary simulation tool, recognized globally for facilitating red team operations with its signature payload and extensible C2 framework to accurately
Writing Beacon Object Files: Flexible, Stealthy, and Compatible
Our colleagues over at Core Security have been doing great things with Cobalt Strike, making use of it in their own engagements. They wrote up
User Defined Reflective Loader (UDRL) Update in Cobalt Strike 4.5
The User Defined Reflective Loader (UDRL) was first introduced in Cobalt Strike 4.4. to allow the creation and use of a custom reflective loader. This
Sleep Mask Update in Cobalt Strike 4.5
The Sleep Mask Kit was first introduced in Cobalt Strike 4.4 to allow users to modify how the sleep mask function looks in memory in order to defeat static signatures that identified Beacon. This
A Deeper Look Into the Max Retry Strategy Option
A complementary strategy to the Host Rotation Strategy was introduced to Cobalt Strike 4.5. The max retry strategy was added to HTTP, HTTPS, and DNS
Process Injection Update in Cobalt Strike 4.5
Process injection is a core component to Cobalt Strike post exploitation. Until now, the option was to use a built-in injection technique using fork&run. This
Cobalt Strike 4.5: Fork&Run – you’re “history”
Cobalt Strike 4.5 is now available. This release sees new options for process injection, updates to the sleep mask and UDRL kits, evasion improvements and
Cobalt Strike infrastructure changes
We will be making some changes to the Cobalt Strike infrastructure in late November/early December. We are not anticipating any downtime but we wanted to
Nanodump: A Red Team Approach to Minidumps
Motivation It is known that dumping Windows credentials is a technique often utilized for everyday attacks by adversaries and, consequently, Red Teamers. This process has