What is Community Kit? Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and scripts have been written and published, but they can be challenging to locate. Community Kit is a central repository of extensions written by the user community to extend the capabilities of […]
Cornerstone: Announcements
Cobalt Strike 4.4: The One with the Reconnect Button
Cobalt Strike 4.4 is now available. This release puts more control into your hands, improves Cobalt Strike’s evasive qualities and addresses a number of smaller changes requested by our users… and yes! We’ve added a reconnect button! User Defined Reflective DLL Loader Cobalt Strike has a lot of flexibility in its Reflective Loading foundation but […]
Read More… from Cobalt Strike 4.4: The One with the Reconnect Button
There’s a New Deputy in Town
It’s been less than a month since I joined the Cobalt Strike team. My first impressions of this team have been overwhelmingly positive. As Raphael transitioned out, He left us with a message “Cobalt Strike is in good hands.” I couldn’t agree more. What can you expect from me? I’m here to provide input and […]
Raphael’s Transition
Friday was my last day at HelpSystems. I spent the day on the #Aggressor channel on Slack, put some final touches on a 12 month roadmap document, and worked with my colleagues to remove myself from a few systems I had originally designed. I had planned to get a blog post out yesterday, but the […]
Cobalt Strike 4.3 – Command and CONTROL
Cobalt Strike 4.3 is now available. The bulk of the release involves updates to DNS processing but there are some other, smaller changes in there too. DNS updates We have added options to Malleable C2 to allow DNS traffic to be masked. A new dns-beacon block allows you to specify options to override the DNS […]
verify.cobaltstrike.com outage summary
Cobalt Strike’s update process was degraded due to a data center outage that affected https://verify.cobaltstrike.com. The verify server is back up and the functionality of our update process is restored. Here’s the timeline of the incident: November 10, 2020 – 5:15pm EST The Cobalt Strike update process is degraded. You may still download and update […]
Cobalt Strike 4.2 – Everything but the kitchen sink
Cobalt Strike 4.2 is now available. This release overhauls our user exploitation features, adds more memory flexibility options to Beacon, adds more behavior flexibility to our post-exploitation features, and makes some nice changes to Malleable C2 too. User Exploitation Redux Cobalt Strike’s screenshot tool and keystroke logger are examples of user exploitation tools. These capabilities are […]
Read More… from Cobalt Strike 4.2 – Everything but the kitchen sink
Cobalt Strike 4.1 – The Mark of Injection
Cobalt Strike 4.1 is now available. This release introduces a new way to build post-ex tools that work with Beacon, pushes back on a generic shellcode detection strategy, and grants added protocol flexibility to the TCP and named pipe Beacons. Beacon Object Files Cobalt Strike has weaponization options for PowerShell, .NET, and Reflective DLLs. These […]
Cobalt Strike joins Core Impact at HelpSystems, LLC (now Fortra)
I founded Strategic Cyber LLC in 2012 to advocate a vision of threat-representative security testing. Over time, Cobalt Strike became the de facto commercial standard for red team operations and adversary simulations. I’ve long asked myself, how do I stay a good partner to my customers as their numbers grow and this field evolves? Today is a […]
Read More… from Cobalt Strike joins Core Impact at HelpSystems, LLC (now Fortra)
Cobalt Strike 4.0 – Bring Your Own Weaponization
Cobalt Strike 4.0 is now available. This release improves Cobalt Strike’s distributed operations model, revises post-exploitation workflows to drop some historical baggage, and adds “Bring Your Own Weaponization” workflows for privilege escalation and lateral movement. A Vision for Red Team Server Consolidation Cobalt Strike’s model for distributed operations (2013!) is to stand up a new server for […]
Read More… from Cobalt Strike 4.0 – Bring Your Own Weaponization