Cobalt Strike 4.12: Fix Up, Look Sharp!
Cobalt Strike 4.12 is now available. We are excited to introduce a new look and feel for the Cobalt Strike GUI, a REST API, User
Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….
Cobalt Strike 4.11 is now available. This release introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs,
Cobalt Strike 4.10: Through the BeaconGate
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the
Cobalt Strike 4.1 – The Mark of Injection
Cobalt Strike 4.1 is now available. This release introduces a new way to build post-ex tools that work with Beacon, pushes back on a generic
Cobalt Strike 4.0 – Bring Your Own Weaponization
Cobalt Strike 4.0 is now available. This release improves Cobalt Strike’s distributed operations model, revises post-exploitation workflows to drop some historical baggage, and adds “Bring
Cobalt Strike 3.9 – Livin’ in a Stager’s Paradise
Cobalt Strike 3.9 is now available. This release brings several additions to Malleable C2 with an emphasis on staging flexibility. Malleable HTTP/S Staging Stagers are
Cobalt Strike 3.8 – Who’s Your Daddy?
Cobalt Strike 3.8 is now available. This release adds features to spawn processes with an alternate parent process. This release also gives the operator control
Cobalt Strike 3.7 – Cat, Meet Mouse
The 8th release of the Cobalt Strike 3.0 series is now available. The release extends Malleable C2 to influence how Beacon lives in memory, adds code-signing for executables, and gives
Cobalt Strike 3.6 – A Path for Privilege Escalation
Cobalt Strike 3.6 is now available. This release adds an API to use third-party privilege escalation exploits with Beacon and extends Malleable C2 to allow
Cobalt Strike 3.5.1 – Important Security Update
Cobalt Strike 3.5.1 is now available. This release addresses a remote code execution vulnerability in Cobalt Strike. This vulnerability was discovered after a report of