Cobalt Strike 3.5 – UNIX Post Exploitation
Cobalt Strike 3.5 is now available. This release adds an SSH client with a Beacon-like interface. This client allows you to conduct post-exploitation actions against
Cobalt Strike Tapas
I’ve slowed down on my blogging since this year’s BlackHat and DEF CON. I’m hard at work on the 3.5 release and haven’t had spare
Cobalt Strike 3.4 – Operational Details
Cobalt Strike 3.4 is now available. This release focuses on the DNS Beacon and a few additions to Malleable C2. Here are the highlights: New
HOWTO: Reset Your Cobalt Strike License Key
Time to time, I hand out Cobalt Strike license keys to non-customers. Sometimes these are to support an event (e.g., the National CCDC Red Team).
Raffi’s Abridged Guide to Cobalt Strike
This blog post is a fast overview of Cobalt Strike. I assume that you are familiar with Meterpreter, Mimikatz, and make use of Offensive PowerShell in
Cobalt Strike 3.3 – Now with less PowerShell.exe
The fourth release in the Cobalt Strike 3.x series is now available. There’s some really good stuff here. I think you’ll like it. Unmanaged PowerShell
User Exploitation at Scale
Some hackers only think about access. It’s the precious. How to get that first shell? I don’t care too much about this. I’m concerned about
A Quick Guide to Bug Reports
One of the hardest parts of being a developer is working with bug reports and support requests disguised as bug reports. Some people write very
Connection Refused Error in Cobalt Strike
I’ve had several folks write to me asking about the Connection Refused error when they try to use Cobalt Strike. This one: Cobalt Strike 3.0
The Cobalt Strike Trial’s Evil Bit
RFC 3514 proposes an IPv4 flag to allow traffic to flag itself as malicious or not. This RFC’s authors reason that if malicious programs opt