Release Out: Finally, Some REST
The REST API was a major feature of the 4.12 release and forms part of a broader ongoing change in the Cobalt Strike ecosystem. Therefore,
Out of Band Update: Cobalt Strike 4.11.1
Cobalt Strike 4.11.1 is now available. This is an out of band update to fix an issue regarding module stomping that was discovered in the
Red Team Use Case: Government Agency
Background A government agency responsible for critical public services commissions a Red Team engagement to assess its cybersecurity resilience. The exercise simulates an advanced persistent
Red Team Use Case: Financial Institution
Background A large financial institution conducts an assumed breach exercise to test its cybersecurity resilience. The Red Team is tasked with simulating an advanced persistent
Red Team Use Case: Healthcare
Background A regional hospital network conducts a Red Team engagement to evaluate its cybersecurity defenses. The exercise aims to simulate a sophisticated cyberattack targeting patient
Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….
Cobalt Strike 4.11 is now available. This release introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs,
Out of Band Update: Cobalt Strike 4.10.1
Cobalt Strike 4.10.1 is now available. This is an out of band update to fix issues that were discovered in Cobalt Strike 4.10 that we
A Simple Guide to Successful Red Teaming
As threat actors innovate their tactics, security teams need to match them step for step. We can’t fight new and complex threats with old and
Revisiting the UDRL Part 3: Beacon User Data
The UDRL and the Sleepmask are key components of Cobalt Strike’s evasion strategy, yet historically they have not worked well together. For example, prior to
Cobalt Strike 4.10: Through the BeaconGate
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the