Red Team Archives - Page 3 of 9 - Cobalt Strike Research and Development

Red Team Posted on December 14, 2016 (May 3, 2022)

I finally had a chance to sit down and play with BloodHound. This was an item on my hacker todo list for awhile now. In

Red Team Posted on November 3, 2016 (May 3, 2022)

Agentless Post Exploitation is using system administration capabilities to meet post-exploitation objectives, without an agent on the target. It’s just evil system administration. This talk

Red Team Posted on August 24, 2016 (September 13, 2022)

What happened to my Kill Date?

Cobalt Strike 3.4 introduced a Kill Date feature. This is a date that Cobalt Strike embeds into each Beacon stage. If a Beacon artifact is

Red Team Posted on June 29, 2016 (May 3, 2022)

Who let the logs out? Woof.

Logging is an important feature in any red team operations platform. Logs serve multiple purposes. Good logs aid reporting. If an operator needs output for

Red Team Posted on June 1, 2016 (May 3, 2022)

HOWTO: Port Forwards through a SOCKS proxy

Recently, I’ve had multiple people ask about port forwards with Cobalt Strike’s Beacon payload. Beacon has had SOCKS proxy pivoting support since June 2013. This feature

Red Team Posted on March 30, 2016 (May 3, 2022)

Pics or it didn’t happen…

One of the most important things in a red teamer’s job is evidence. If you can’t demonstrate impact and make a risk real, it’s as

Red Team Posted on March 23, 2016 (May 3, 2022)

Linux, Left out in the Cold?

I’ve had several folks ask about Linux targets with Cobalt Strike 3.0 and later. Beacon is a Windows-only payload. The big question becomes, how do

Red Team Posted on March 2, 2016 (May 3, 2022)

A History of Cobalt Strike in Training Courses

In 2011, I was invited to Austin, TX by the local ISSA and OWASP chapters to teach a class on Armitage and the Metasploit Framework.

Red Team Posted on February 23, 2016 (May 3, 2022)

Cobalt Strike Tips for 2016 CCDC Red Teams

It’s CCDC season again. CCDC is the National Collegiate Cyber Defense Competition. Teams of students in 10 regions run simulated business networks and defend against

Red Team Posted on February 17, 2016 (May 3, 2022)

The Threat Emulation Problem

There are a lot of people who talk about threat emulation. Use our super-duper-elitesy-neatsy-malware to emulate these tactics in your network. I say stuff like

Blogs filtered by Red Team