Raphael’s Transition
Friday was my last day at HelpSystems. I spent the day on the #Aggressor channel on Slack, put some final touches on a 12 month
Raffi’s Abridged Guide to Cobalt Strike
This blog post is a fast overview of Cobalt Strike. I assume that you are familiar with Meterpreter, Mimikatz, and make use of Offensive PowerShell in
Out of Band Update: Cobalt Strike 4.11.1
Cobalt Strike 4.11.1 is now available. This is an out of band update to fix an issue regarding module stomping that was discovered in the
Meet Cobalt Strike: Adaptive Pen Testing
If you’re reading this, you’re likely aware of the Armitage project. Fed by your enthusiasm and feedback, Armitage has enjoyed a rapid pace of development
Man-in-the-Browser Session Hijacking
Malware like Zeus and its variants inject themselves into a user’s browser to steal banking information. This is a man-in-the-browser attack. So-called, because the attacker
Joe’s Transition
My career is taking me in a new and exciting direction, and I am stepping down from my role on the Cobalt Strike team. I’ve
Introducing Morning Catch – A Phishing Paradise
Morning Catch is a VMware virtual machine, similar to Metasploitable, to demonstrate and teach about targeted client-side attacks and post-exploitation. On this virtual machine, you
Introducing Cobalt Strike Community Kit
What is Community Kit? Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and scripts
Incorporating New Tools into Core Impact
Core Impact has further enhanced the pen testing process with the introduction of two new modules. The first module enables the use of .NET assemblies,
Get to Know Cobalt Strike: New Introductory Training
We’re excited to announce the launch of a brand-new Cobalt Strike training course, created in collaboration between Fortra and Zero-Point Security. This unique partnership brings