Join a technical walkthrough of Cobalt Strike’s advanced capabilities for post-exploitation and adversary simulation. In the session, Cobalt Strike developers and researchers will demonstrate usage of the product and show the advanced evasion and customization of Cobalt Strike through hands-on demos. The session will be presented by Cobalt Strike product team members Pieter Ceelen and […]
Read More… from Fortra Cobalt Strike Demo Session – May 2025
Background A government agency responsible for critical public services commissions a Red Team engagement to assess its cybersecurity resilience. The exercise simulates an advanced persistent threat (APT) attack, testing the agency’s ability to detect, respond to, and mitigate cyber threats targeting sensitive government data, public infrastructure, and national security. Phase 1: Initial Access Operations The […]
Background A large financial institution conducts an assumed breach exercise to test its cybersecurity resilience. The Red Team is tasked with simulating an advanced persistent threat (APT) attack, while the Blue Team monitors, detects, and mitigates threats in real-time. Phase 1: Initial Access Operations The Red Team conducts reconnaissance on the Financial Institution’s employees using […]
Background A regional hospital network conducts a Red Team engagement to evaluate its cybersecurity defenses. The exercise aims to simulate a sophisticated cyberattack targeting patient data, medical devices, and critical infrastructure, testing the hospital’s ability to detect, respond to, and recover from an intrusion. Phase 1: Initial Access Operations The Red Team begins by gathering […]
Because of the invaluable data they possess, financial institutions remain a favorite target of malicious actors, with cyberattacks in the sector up more than 400% in three years. Fortunately, offensive security measures like red teaming can augment defensive tactics, giving security teams in the financial sector an additional leg up. Red team engagements test an […]
Cobalt Strike 4.11 is now available. This release introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs, and a DNS over HTTPS (DoH) Beacon. Additionally, we have overhauled Beacon’s reflective loader and there are numerous QoL updates. Out-of-the-Box Evasion Overhaul The focus of this release (and the […]
Read More… from Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….
Since 2023, Microsoft’s Digital Crimes Unit (DCU), Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have been working together to combat the use of unauthorized, legacy copies of Cobalt Strike and compromised Microsoft software, which have been weaponized by cybercriminals to deploy ransomware and other malware, causing significant harm to critical sectors like […]
Read More… from Update: Stopping Cybercriminals from Abusing Cobalt Strike
This short video provides a high level overview on how to install and use the Cobalt Strike Mutator Kit, which uses an LLVM obfuscator to break in-memory YARA scanning of the sleep mask. Are you ready to take the next step? […]
Cobalt Strike 4.10.1 is now available. This is an out of band update to fix issues that were discovered in Cobalt Strike 4.10 that we felt should be fixed before the next release. This update does not affect the 4.11 release which is well underway and due to ship in early 2025. Mutiple Team Server […]
Cobalt strike is a powerful red team tool that is used by pen testers and red teamers to replicate the tactics and techniques of long-term embedded attackers. This 5-minute video will give you a high-level overview of Cobalt Strike’s functionality, including its signature payload, Beacon, and its flexible C2 framework. Are you ready to take the next step? […]