Cobalt Strike 1.49 – HTTP Proxy Authentication? No Problem.
I spend a lot of time on the road in March and April—using my tools. During these months, I take careful notes of the usability
Cobalt Strike 2.0 – Malleable Command and Control
I define threat replication as a penetration test that looks like an attack from an APT actor. Assessments that involve threat replication are more than
Cobalt Strike 2.1 – I have the POWER(shell)
For a long time, I’ve wanted the ability to use PowerUp, Veil PowerView, and PowerSploit with Cobalt Strike. These are useful post-exploitation capabilities written in
Cobalt Strike 2.2 – 1995 called, it wants its covert channel back…
Cobalt Strike’s Covert VPN feature now supports ICMP as one of its channels. Covert VPN is Cobalt Strike’s layer-2 pivoting capability. If you’re curious about
Cobalt Strike 2.3 – I’ve always wanted runas
Cobalt Strike 2.3 is now available. This release adds a runas command to Beacon. This command allows you to specify a username and password for any
Cobalt Strike 2.4 – A Pittance for Post-Exploitation
Cobalt Strike 2.4 is now available. If you use Beacon for post-exploitation, you’ll find a lot to like in this release. Here’s the highlights: Post-Exploitation Jobs
Cobalt Strike 2.5 – Advanced Pivoting
I spend a lot of my red time in the Access Manager role. This is the person on a red team who manages callbacks for
Cobalt Strike 2015: An Offensive Platform is Born
It’s hard to believe we’re at the end of 2015 and on to 2016. I’ve now had a product on the market for three and
Cobalt Strike 3.0 – Advanced Threat Tactics
Cobalt Strike’s mission is to help security professionals emulate “advanced threat tactics” during their engagements. I’ve executed on this since the product’s 2012 release. Cobalt
Cobalt Strike 3.1 – Scripting Beacons
Cobalt Strike 3.1 is now available. This release adds a lot of polish to the 3.x codebase and addresses several items from user feedback. Aggressor