One of the world’s largest in‑person CTF competitions, drawing participants and experts from around the globe. It began as a modest hacking competition in 2008 and has since evolved into one of Switzerland’s and Europe’s major cybersecurity events. Hope to see you there! When:March 16-20 Where: SwissTech Convention Center Lausanne, Switzerland. Experts in Attendance: Samuel […]
We have previously blogged about using BeaconGate to dynamically instrument Beacon at run time. However, one of BeaconGate’s limitations is that it is not applied throughout Beacon’s entire lifecycle. Specifically, it does not impact the reflective loading process. Hence, if an EDR is monitoring for unbacked VirtualAlloc or LoadLibrary calls, we cannot use BeaconGate to bypass it. To solve this problem, we must get our hands dirty with UDRL development. However, to […]
Read More… from Playing in the (Tradecraft) Garden of Beacon: Finding Eden
Background A high-tech manufacturing firm commissions a red team engagement to proactively test its readiness against targeted attacks. The firm is active in industrial automation and advanced components, and relies on proprietary designs, digital manufacturing workflows, and legacy OT systems. It understands its vulnerability to compromises aimed at IP theft and production disruption, and it […]
Join our experts at WWHF @ Mile High! WWHF brings together cutting-edge technical talks, immersive workshops and labs, and countless opportunities to connect with industry experts, including Cobalt Strike’s own Steve Salinas and Austin Hudson. Stop by Booth #12 to connect and talk shop about the latest in offensive security. Hope to see you there! […]
This blog is all about experimenting and having fun with the new CS REST API and the generative AI ecosystem. We’ll demonstrate how we used Claude Desktop and its Model Context Protocol (MCP) integration to automate and orchestrate attacks through the CS REST API. We will also share the following internal (vibe-coded) experiments, intended to […]
Read More… from Me, Myself and AI: Internal Experiments with the CS REST API
Cobalt Strike 4.12 introduces: Release blogs can be found here and release notes here. Are you ready to take the next step? […]
The REST API was a major feature of the 4.12 release and forms part of a broader ongoing change in the Cobalt Strike ecosystem. Therefore, we wanted to dedicate a blog post to explain the rationale behind it, discuss the architecture, and provide hands-on examples to get our customers up and running. In addition to […]
Cobalt Strike 4.12 is now available. We are excited to introduce a new look and feel for the Cobalt Strike GUI, a REST API, User Defined Command and Control (UDC2), new process injection options, new UAC bypasses, a new BOF API BeaconDownload for in-memory buffers, and new drip loading Malleable C2 options. Additionally, we have overhauled […]
Watch a technical walkthrough of Cobalt Strike’s advanced capabilities for post-exploitation and adversary simulation. In the session, Cobalt Strike developers and researchers will demonstrate usage of the product and show the advanced evasion and customization of Cobalt Strike through hands-on demos. The session will be presented by Cobalt Strike product team members Pieter Ceelen, Steve […]
The integration of Large Language Models (LLMs) and artificial intelligence applications within offensive security operations and red teaming has led to a rapid evolution in attack methodologies. In this hands-on training, offensive security experts from Cobalt Strike and Outflank will demonstrate how harnessing these technologies can significantly enhance engagements. Topics covered will include: – Utilizing […]
Read More… from Offensive AI Training with Cobalt Strike and Outflank