Development Posted on December 16, 2021 (May 4, 2022) A Deeper Look Into the Max Retry Strategy Option A complementary strategy to the Host Rotation Strategy was introduced to Cobalt Strike 4.5. The max retry strategy was added to HTTP, HTTPS, and DNS Read More
Development, Releases Posted on December 14, 2021 (November 29, 2022) Cobalt Strike 4.5: Fork&Run – you’re “history” Cobalt Strike 4.5 is now available. This release sees new options for process injection, updates to the sleep mask and UDRL kits, evasion improvements and Read More
Development Posted on August 11, 2021 (May 3, 2022) TeamServer.prop Following the 4.4 release, you may have noticed a warning message when starting your teamserver: The missing file is optional and its absence does not Read More
Announcements, Development Posted on August 4, 2021 (November 29, 2022) Cobalt Strike 4.4: The One with the Reconnect Button Cobalt Strike 4.4 is now available. This release puts more control into your hands, improves Cobalt Strike’s evasive qualities and addresses a number of smaller Read More
Development Posted on August 4, 2021 (May 3, 2022) Cobalt Strike DoS Vulnerability (CVE-2021-36798) SentinelOne discovered a denial of service (DoS) vulnerability in Cobalt Strike. The bug (aka Hotcobalt) can cause a denial of service on a teamserver by Read More
Development Posted on April 14, 2021 (May 3, 2022) SSL certificate verification failure UPDATE: This has now been fixed. I’ve amended this post to reflect that. If you ran the Cobalt Strike update program today, you may have Read More
Announcements, Development Posted on March 3, 2021 (November 29, 2022) Cobalt Strike 4.3 – Command and CONTROL Cobalt Strike 4.3 is now available. The bulk of the release involves updates to DNS processing but there are some other, smaller changes in there Read More
Announcements, Development Posted on November 6, 2020 (November 29, 2022) Cobalt Strike 4.2 – Everything but the kitchen sink Cobalt Strike 4.2 is now available. This release overhauls our user exploitation features, adds more memory flexibility options to Beacon, adds more behavior flexibility to Read More
Announcements, Development Posted on June 25, 2020 (November 29, 2022) Cobalt Strike 4.1 – The Mark of Injection Cobalt Strike 4.1 is now available. This release introduces a new way to build post-ex tools that work with Beacon, pushes back on a generic Read More
Development Posted on May 12, 2020 (May 3, 2022) SSL certificate verification for failed TL;DR a certificate for part of the Cobalt Strike update infrastructure changed. Download the 20200511 distribution package to avoid certificate verification errors. If you recently Read More
