During DEFCON, I sat down with Boonsri, a journalist from BYTE to discuss Cobalt Strike and the hacker process in general. This interview was from the same day I lost my voice. During the demo, I used Cobalt Strike’s website clone tool to copy a site and add an exploit to it. From there, I started to log keystrokes of my “corporate victim”.
The full video is in the BYTE Story – Client-side Hacks: Fake Sites Keep Companies Vulnerable
Here are a few artifacts from the interview, if you’d like to explore the concepts further: