Blog
If you’ve ever had to change a module in the Metasploit Framework, you know the go to place is the modules/ directory off of the
Modifying Metasploit’s Stager Shellcode
Blog
I’m the developer of a commercial penetration testing product, Cobalt Strike. People are often amazed that I have a free 9-part Penetration Testing course on
Blog
Beacon is Cobalt Strike’s payload for red team actions. Beacon is a stable lifeline that can serve as a communication layer. Meterpreter is a fantastic post-exploitation agent
Blog
The Java Signed Applet Attack is a staple social engineering option. This attack presents the user with a signed Java Applet. If the user allows
Blog
A common trait among persistent attackers is their distributed infrastructure. A serious attacker doesn’t use one system to launch attacks and catch shells from. Rather,
Blog
Cobalt Strike has always exposed the Metasploit Framework’s tool to generate executables. Unfortunately, these executables are caught by anti-virus products. I’ve had a lot of
Blog
Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker
Blog
Yesterday, one of my customers asked about x64 payloads in Cobalt Strike. Specifically, he wanted to know why Cobalt Strike doesn’t expose them. I’ve already
Blog
Beacon is my payload for low and slow control of a compromised system. Recently, I added peer-to-peer communication to Beacon. When two Beacons are linked,
Blog
<update 03:30pm> I’ve had some feedback that this post describes a concept that is too basic to put into blog form. I can see where this