Blog
I write so many blog posts about Beacon, I should just give up and call this the Beacon blog. Beacon is Cobalt Strike’s post-exploitation agent
How I tunnel Meterpreter through Beacon
Blog
Cobalt Strike 2.3 is now available. This release adds a runas command to Beacon. This command allows you to specify a username and password for any
Blog
One of my favorite blog posts from last year was the Adversary Tricks and Treats post from CrowdStrike. They showed how one of the actors
Blog
This blog post is inspired by a question sent to a local mailing list. The original poster asks, what’s the go-to phishing technique or exploit
Blog
TL;DR This is my opinion on Threat Intelligence: Automated Defense using Threat Intelligence feeds is (probably) rebranded anti-virus. Threat Intelligence offers benefit when used to
Blog
Cobalt Strike’s Covert VPN feature now supports ICMP as one of its channels. Covert VPN is Cobalt Strike’s layer-2 pivoting capability. If you’re curious about
Blog
There is a growing chorus of folks talking about simulating targeted attacks from known adversaries as a valuable security service. The argument goes like this: penetration testers
Blog
Cortana is the scripting engine built into Armitage and Cobalt Strike. It’s based on my Sleep scripting language. Most scripting languages have a REPL (Read,
Blog
A few months ago, I was having lunch at a favorite Italian restaurant in Washington, DC. I work in a residential area, which means lunch
Blog
I wrote Cobalt Strike and I take it for granted that my users know where things are. This doesn’t come from nowhere though. The users