Resources

Blog

Why I give all of my training material away—for free

I’m the developer of a commercial penetration testing product, Cobalt Strike. People are often amazed that I have a free 9-part Penetration Testing course on

Blog

Four Levels of Hacking Sophistication with Beacon

Beacon is Cobalt Strike’s payload for red team actions. Beacon is a stable lifeline that can serve as a communication layer. Meterpreter is a fantastic post-exploitation agent

Blog

Obituary: Java Self-Signed Applet (Age: 1.7u51)

The Java Signed Applet Attack is a staple social engineering option. This attack presents the user with a signed Java Applet. If the user allows

Blog

Cloud-based Redirectors for Distributed Hacking

A common trait among persistent attackers is their distributed infrastructure. A serious attacker doesn’t use one system to launch attacks and catch shells from. Rather,

Blog

Cobalt Strike 01.08.14 – EXE Artifacts: A New Hope

Cobalt Strike has always exposed the Metasploit Framework’s tool to generate executables. Unfortunately, these executables are caught by anti-virus products. I’ve had a lot of

Blog

Man-in-the-Browser Session Hijacking

Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker

Blog

Why do I always use 32-bit payloads?

Yesterday, one of my customers asked about x64 payloads in Cobalt Strike. Specifically, he wanted to know why Cobalt Strike doesn’t expose them. I’ve already

Blog

Stealthy Peer-to-peer C&C over SMB pipes

Beacon is my payload for low and slow control of a compromised system. Recently, I added peer-to-peer communication to Beacon. When two Beacons are linked,

Blog

Reverse Meterpreter Connect-backs through a Compromised Host

<update 03:30pm> I’ve had some feedback that this post describes a concept that is too basic to put into blog form. I can see where this

Blog

Cobalt Strike 1.48 – Peer-to-peer C&C

I’m pleased to announce Cobalt Strike 1.48. This release introduces a peer-to-peer data channel for Beacon, improves browser pivoting, and updates the signed applet attack with

Applied Filters

Sort

Applied Filters

Type

Topic

Author

Subscribe to the Blog

Footer Menu 1

Footer Menu 2

Footer Menu 3

Footer Menu 4

Footer Menu 5

Contact Information

Privacy Policy

Cookie Policy

Terms of Service

Impressum