Adversary Simulation Becomes a Thing…
There is a growing chorus of folks talking about simulating targeted attacks from known adversaries as a valuable security service. The argument goes like this: penetration testers
Agent Deployed: Core Impact and Cobalt Strike Interoperability
Core Impact 20.3 has shipped this week. With this release, we’re revealing patterns for interoperability between Core Impact and Cobalt Strike. In this post, I’ll
Agentless Post Exploitation
Agentless Post Exploitation is using system administration capabilities to meet post-exploitation objectives, without an agent on the target. It’s just evil system administration. This talk
Aggressor Script’s Secret mIRC Scripting Past
Aggressor Script is the scripting engine in Cobalt Strike 3.0 and later. If you want to learn more about it, I recommend reading the documentation.
An unnecessary addiction to DNS communication
I regularly hear stories from my users about how they got past a tough situation and had success that they claim was not possible without
Another Night, Another Actor
Earlier last year, I had a frantic call from a customer. They needed to make a small change to Beacon’s communication pattern and quickly. This
Appropriate Covert Channels
As a product vendor, I regularly receive suggestions from my users. It’s easy to break these suggestions up into different categories. One such category would
Armitage and Cobalt Strike 1.47 Released
Armitage and Cobalt Strike 1.47 are now available. This release improves many aspects of the workflow in both Armitage and Cobalt Strike. Here are some
Arsenal Kit Update: Thread Stack Spoofing
As I mentioned in the recent Roadmap Update blog post, we are in the process of expanding the Cobalt Strike development team and ramping up
Artificial Intelligence for Post-Exploitation
Post-exploitation tasks frequently require manual analysis, such as relying on an operators’ expertise to scan a target environment for sensitive information that could support in