SecretCon 2025
Check us out at SecretCon 2025! PAIKKA Vandalia Tower, St. Paul, MN [...]Read More... from SecretCon 2025
Secure 360 Conference 2026
Secure360 has become the go‑to conference for professionals seeking well‑rounded education, collaboration, and fresh insights across the security and risk landscape. This event brings together
Session Passing from Cobalt Strike
Session passing is using one payload to spawn another payload. Sometimes, the payloads are from the same toolset. Other times, they’re not. Session passing options
ShowMeCon 2025
Come see us at Showmecon! Ameristar Casino & Resort One Ameristar Blvd., St. Charles, MO, 63301 US [...]Read More... from ShowMeCon 2025
Simple DNS Redirectors for Cobalt Strike
This post, from Ernesto Alvarez Capandeguy of Core Security’s CoreLabs Research Team, describes techniques used for creating UDP redirectors for protecting Cobalt Strike team servers.
Simplifying BOF Development: Debug, Test, and Save Your B(e)acon
Beacon Object Files (BOFs) were introduced in Cobalt Strike 4.1 in 2020. Since their release, BOFs have played a key role in post-exploitation activities, surpassing
Situational Awareness for Meterpreter Users
Hacking involves managing a lot of contextual factors at one time. Most times, the default situation works and a tool will perform beautifully for you.
Sleep Mask Update in Cobalt Strike 4.5
The Sleep Mask Kit was first introduced in Cobalt Strike 4.4 to allow users to modify how the sleep mask function looks in memory in order to defeat static signatures that identified Beacon. This
So, you won a regional and you’re headed to National CCDC
The 2015 National CCDC season started with 100+ teams across 10 regions. Now, there are 10 teams left and they’re headed to the National CCDC
SSL certificate verification failure
UPDATE: This has now been fixed. I’ve amended this post to reflect that. If you ran the Cobalt Strike update program today, you may have