Red Team Posted on May 16, 2023 (May 16, 2023) Cobalt Strike and YARA: Can I Have Your Signature? Over the past few years, there has been a massive proliferation of YARA signatures for Beacon. We know from conversations with our customers that this Read More
Announcements Posted on April 6, 2023 (April 6, 2023) Stopping Cybercriminals From Abusing Security Tools Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra™ and Health Information Sharing and Analysis Center (Health-ISAC) are taking technical and legal action to disrupt Read More
Development Posted on March 29, 2023 (March 29, 2023) Cobalt Strike 2023 Roadmap and Strategy Update I blogged about the Cobalt Strike roadmap in March last year and while the fundamental tenets of our approach to R&D remain unaltered, a lot Read More
Development, Red Team Posted on March 15, 2023 (March 16, 2023) Revisiting the User-Defined Reflective Loader Part 1: Simplifying Development This blog post accompanies a new addition to the Arsenal Kit – The User-Defined Reflective Loader Visual Studio (UDRL-VS). Over the past few months, we Read More
Development, Releases Posted on March 7, 2023 (March 7, 2023) Cobalt Strike 4.8: (System) Call Me Maybe Cobalt Strike 4.8 is now available. This release sees support for system calls, options to specify payload guardrails, a new token store, and more. We Read More
Development, Red Team Posted on February 13, 2023 (April 26, 2023) Behind the Mask: Spoofing Call Stacks Dynamically with Timers This blog introduces a PoC technique for spoofing call stacks using timers. Prior to our implant sleeping, we can queue up timers to overwrite its Read More
Development, Releases Posted on October 17, 2022 (October 24, 2022) Out Of Band Update: Cobalt Strike 4.7.2 Cobalt Strike 4.7.2 is now available. This is an out of band update to fix a remote code execution vulnerability that is rooted in Java Read More
Development, Releases Posted on September 20, 2022 (October 24, 2022) Out Of Band Update: Cobalt Strike 4.7.1 Cobalt Strike 4.7.1 is now available. This is an out of band update to fix an issue discovered in the 4.7 release that was reported Read More
Development, Releases Posted on August 17, 2022 (October 24, 2022) Cobalt Strike 4.7: The 10th Anniversary Edition Cobalt Strike 4.7 is now available. This release sees support for SOCKS5, new options to provide flexibility around how BOFs live in memory, updates to Read More
Posted on July 26, 2022 (July 26, 2022) Celebrating 10 Years of Cobalt Strike Can you believe it? Cobalt Strike is 10 years old! Think back to the summer of 2012. The Olympics were taking place in London. CERN Read More