Cobalt Strike Pricing
Cobalt Strike is a threat emulation tool which simulates adversarial post-exploitation scenarios and supports Red Team operations. Replicate the tactics of a long-term embedded threat actor using a post-exploitation agent, Beacon, and Malleable C2, a command and control program that enables modification of network indicators to blend in with traffic and look like different malware.
Cobalt Strike is ideal for many types of security tests and its reach can be further extended by pairing it with other tools. Cobalt Strike is available individually as well as part of a bundle with Core Impact, a powerful penetration testing tool that can help to assess an organization’s defensive posture. With this bundle, you can provide additional insights to help bolster security and benefit from interoperability features like session passing and tunneling capabilities.
What is included in my Cobalt Strike License?
A new Cobalt Strike license costs $5,900 per user, per year. Every license comes with:
Post Exploitation – Execute PowerShell script, log keystrokes, take screenshots, download files, and spawn other payloads using Cobalt Strike’s custom agent.
Advanced Adversary Simulation – Emulate an embedded attacker using asynchronous “low and slow” communication to stay undetected.
Browser Pivoting – Bypass two-factor authentication using a man-in-the-browser attack.
Intelligence Gathering – Gather client-side reconnaissance using Cobalt Strike’s System Profiler.
Shared Sessions – Log onto the server along with other Red Teamers for collaborative engagements.
Flexible Framework – Alter Cobalt Strike’s built-in Attack Kits to suit your needs, or browse the Community Kit to add on tools and scripts made by other users.
Reporting and Logging – Generate multiple reports for data synthesis and further analysis.
Pricing Packages
Cobalt Strike can be purchased on its own or as part of a bundle with our penetration testing solution, Core Impact, for a reduced price.
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Core Impact |
|
| Network Testing
|
|
| Client Side Testing |
|
| Web Application Testing |
|
| Wifi/Mobile Testing |
|
| Add-On Exploit Pack Integration |
|
| Interoperability with Cobalt Strike |
|
| Rapid Penetration Tests |
|
| Test Modules |
|
| Reporting |
|
| Integrations |
|
| Remote Exploitation |
|
| Unlimited IP Testing Scope |
|
| Pivoting |
|
| Post-Exploitation |
|
| CloudCypher Access |
|
| Web Interface |
|
| REST API |
|
| Teaming Capabilities |
|
| Support |
Phone, Customer Portal and email support |
Cobalt Strike + Core Impact Bundled Packages |
|
Interested in Cobalt Strike?
Discuss pricing and get any questions answered by talking to one of our experts.
