Unlock Next-Generation Adversary Simulation Capabilities Join our developers and researchers for our latest technical demo highlighting the 4.12 release, featuring cutting-edge post-exploitation techniques and adversary simulation strategies. Perfect for both seasoned operators and cybersecurity professionals seeking to understand the strategic philosophy behind this foundational red teaming framework. What you’ll experience: Why attend? Discover new approaches […]
Read More… from Fortra Cobalt Strike Demo Session – March 2026
Secure360 has become the go‑to conference for professionals seeking well‑rounded education, collaboration, and fresh insights across the security and risk landscape. This event brings together experts and teams to explore critical topics including cybersecurity, governance, risk and compliance, physical security, business continuity, and overall professional growth. When:May 13-14 Where: Mystic Lake Center Prior Lake, Minnesota, […]
Read More… from Secure 360 Conference 2026
The RSA Conference USA is a leading global cybersecurity event, at the Moscone Center in San Francisco, bringing together thousands of industry professionals for high‑level keynotes, expert‑led sessions, hands‑on learning, and a large expo showcasing advanced security technologies, all unified under the 2026 theme, “The Power of Community.” When:March 23-26 Where: Moscone Center San Francisco, California, […]
Read More… from RSAC 2026 Conference – San Francisco
One of the world’s largest in‑person CTF competitions, drawing participants and experts from around the globe. It began as a modest hacking competition in 2008 and has since evolved into one of Switzerland’s and Europe’s major cybersecurity events. Hope to see you there! When:March 16-20 Where: SwissTech Convention Center Lausanne, Switzerland. Experts in Attendance: Samuel […]
Read More… from Insomni’hack 2026
We have previously blogged about using BeaconGate to dynamically instrument Beacon at run time. However, one of BeaconGate’s limitations is that it is not applied throughout Beacon’s entire lifecycle. Specifically, it does not impact the reflective loading process. Hence, if an EDR is monitoring for unbacked VirtualAlloc or LoadLibrary calls, we cannot use BeaconGate to bypass it. To solve this problem, we must get our hands dirty with UDRL development. However, to […]
Read More… from Playing in the (Tradecraft) Garden of Beacon: Finding Eden
Join our experts at WWHF @ Mile High! WWHF brings together cutting-edge technical talks, immersive workshops and labs, and countless opportunities to connect with industry experts, including Cobalt Strike’s own Steve Salinas and Austin Hudson. Stop by Booth #12 to connect and talk shop about the latest in offensive security. Hope to see you there! […]
Read More… from Wild West Hackin’ Fest @ Mile High 2026
This blog is all about experimenting and having fun with the new CS REST API and the generative AI ecosystem. We’ll demonstrate how we used Claude Desktop and its Model Context Protocol (MCP) integration to automate and orchestrate attacks through the CS REST API. We will also share the following internal (vibe-coded) experiments, intended to […]
Read More… from Me, Myself and AI: Internal Experiments with the CS REST API
Walk through a typical red team operation lifecycle, from initial access through post-operation cleanup. A disciplined red team lifecycle transforms offensive work from isolated engagements into strategic contributions. It allows red teamers to demonstrate not only technical capability, but also the ability to influence resilience, reduce risk, and drive meaningful change across the organization. Read […]
Read More… from Red Team Operations Lifecycle
Cobalt Strike 4.12 introduces: Release blogs can be found here and release notes here. Are you ready to take the next step? […]
Read More… from Cobalt Strike 4.12 in 1 Minute
The REST API was a major feature of the 4.12 release and forms part of a broader ongoing change in the Cobalt Strike ecosystem. Therefore, we wanted to dedicate a blog post to explain the rationale behind it, discuss the architecture, and provide hands-on examples to get our customers up and running. In addition to […]
Read More… from Release Out: Finally, Some REST