Posted on December 20, 2021 (December 20, 2021) User Defined Reflective Loader (UDRL) Update in Cobalt Strike 4.5 The User Defined Reflective Loader (UDRL) was first introduced in Cobalt Strike 4.4 to allow the creation and use of a custom reflective loader. This Read More
Posted on December 17, 2021 (December 17, 2021) Sleep Mask Update in Cobalt Strike 4.5 The Sleep Mask Kit was first introduced in Cobalt Strike 4.4 to allow users to modify how the sleep mask function looks in memory in order to defeat static signatures that identified Beacon. This Read More
Development Posted on December 16, 2021 (May 4, 2022) A Deeper Look Into the Max Retry Strategy Option A complementary strategy to the Host Rotation Strategy was introduced to Cobalt Strike 4.5. The max retry strategy was added to HTTP, HTTPS, and DNS Read More
Red Team Posted on December 15, 2021 (January 25, 2022) Process Injection Update in Cobalt Strike 4.5 Process injection is a core component to Cobalt Strike post exploitation. Until now, the option was to use a built-in injection technique using fork&run. This Read More
Development, Releases Posted on December 14, 2021 (November 29, 2022) Cobalt Strike 4.5: Fork&Run – you’re “history” Cobalt Strike 4.5 is now available. This release sees new options for process injection, updates to the sleep mask and UDRL kits, evasion improvements and Read More
Announcements Posted on November 19, 2021 (May 4, 2022) Cobalt Strike infrastructure changes We will be making some changes to the Cobalt Strike infrastructure in late November/early December. We are not anticipating any downtime but we wanted to Read More
Red Team Posted on November 17, 2021 (June 6, 2022) Nanodump: A Red Team Approach to Minidumps Motivation It is known that dumping Windows credentials is a technique often utilized for everyday attacks by adversaries and, consequently, Red Teamers. This process has Read More
Red Team Posted on November 2, 2021 (May 4, 2022) Create a proxy DLL with artifact kit DLL attacks (hijacking, proxying, etc) are a challenge defenders must face. They can be leveraged in a Red Team engagement to help measure these defenses. Read More
Scripting Posted on October 13, 2021 (May 2, 2022) Cobalt Strike Sleep Python Bridge This project started after seeing how the user community tweaks and tunes Cobalt Strike. I was inspired by @BinaryFaultline and @Mcgigglez16 in their project https://github.com/emcghee/PayloadAutomation Read More
Red Team Posted on September 13, 2021 (May 17, 2022) How to Extend Your Reach with Cobalt Strike We’re often asked, “what does Cobalt Strike do?” In simple terms, Cobalt Strike is a post-exploitation framework for adversary simulations and Red Teaming to help Read More