2 min Incorporating New Tools into Core Impact Core Impact has further enhanced the pen testing process with the introduction of two new modules. The first module enables the use of .NET assemblies, Read More
1 min Cobalt Strike Training Options The Cobalt Strike training web page has been updated. https://www.cobaltstrike.com/training/ The training web page lists free courses created by the Cobalt Strike team that provide Read More
Red Team 13 min Writing Beacon Object Files: Flexible, Stealthy, and Compatible Our colleagues over at Core Security have been doing great things with Cobalt Strike, making use of it in their own engagements. They wrote up Read More
3 min User Defined Reflective Loader (UDRL) Update in Cobalt Strike 4.5 The User Defined Reflective Loader (UDRL) was first introduced in Cobalt Strike 4.4. to allow the creation and use of a custom reflective loader. This Read More
2 min Sleep Mask Update in Cobalt Strike 4.5 The Sleep Mask Kit was first introduced in Cobalt Strike 4.4 to allow users to modify how the sleep mask function looks in memory in order to defeat static signatures that identified Beacon. This Read More
Development 2 min A Deeper Look Into the Max Retry Strategy Option A complementary strategy to the Host Rotation Strategy was introduced to Cobalt Strike 4.5. The max retry strategy was added to HTTP, HTTPS, and DNS Read More
Red Team 25 min Process Injection Update in Cobalt Strike 4.5 Process injection is a core component to Cobalt Strike post exploitation. Until now, the option was to use a built-in injection technique using fork&run. This Read More
Development, Releases 3 min Cobalt Strike 4.5: Fork&Run – you’re “history” Cobalt Strike 4.5 is now available. This release sees new options for process injection, updates to the sleep mask and UDRL kits, evasion improvements and Read More
Announcements 1 min Cobalt Strike infrastructure changes We will be making some changes to the Cobalt Strike infrastructure in late November/early December. We are not anticipating any downtime but we wanted to Read More
Red Team 5 min Nanodump: A Red Team Approach to Minidumps Motivation It is known that dumping Windows credentials is a technique often utilized for everyday attacks by adversaries and, consequently, Red Teamers. This process has Read More