Cobalt Strike 4.9: Take Me To Your Loader
Cobalt Strike 4.9 is now available. This release sees an overhaul to Cobalt Strike’s post exploitation capabilities to support user defined reflective loaders (UDRLs), the
Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places
This is a joint blog written by the Cobalt Strike and Outflank teams. It is also available on the Outflank site. Over the past few months
Cobalt Strike DoS Vulnerability (CVE-2021-36798)
SentinelOne discovered a denial of service (DoS) vulnerability in Cobalt Strike. The bug (aka Hotcobalt) can cause a denial of service on a teamserver by using
Cobalt Strike RCE. Active Exploitation Reported.
Summary There is a remote code execution vulnerability in the Cobalt Strike team server. A hot fix that breaks this particular exploit chain is available.
Cobalt Strike Roadmap Update
Historically, Raphael Mudge, the creator of Cobalt Strike, didn’t typically talk about the Cobalt Strike roadmap publicly. He preferred to play his cards close to
Cobalt Strike Updates 03.06.13
Just in time for this weekend’s North East Collegiate Cyber Defense Competition event, I have a fresh update to Armitage and Cobalt Strike. Here’s the
Cobalt Strike’s Process Injection: The Details
Cobalt Strike 3.14 finally delivered some of the process injection flexibility I’ve long wanted to see in the product. In this post, I’d like to
Connection Refused Error in Cobalt Strike
I’ve had several folks write to me asking about the Connection Refused error when they try to use Cobalt Strike. This one: Cobalt Strike 3.0
Cortana: real-time collaborative hacking… with bots
At BSides Las Vegas, I talked about Force Multipliers for Red Team Operations. In this talk, I shared several stories about how my evil bots stole passwords,
Covert VPN – Layer 2 Pivoting for Cobalt Strike
Currently, I’m debating a class of social engineering “packages” to force SMB requests against an attacker controlled system. Ideas include packages to generate LNK files,