Resources

Cobalt Strike’s Covert VPN feature now supports ICMP as one of its channels. Covert VPN is Cobalt Strike’s layer-2 pivoting capability. If you’re curious about

I wrote Cobalt Strike and I take it for granted that my users know where things are. This doesn’t come from nowhere though. The users

A user-driven attack is an attack that relies on a feature to get code execution. Most penetration testers I know rely on user-driven attacks over

For a long time, I’ve wanted the ability to use PowerUp, Veil PowerView, and PowerSploit with Cobalt Strike. These are useful post-exploitation capabilities written in

Cobalt Strike has always exposed the Metasploit Framework’s tool to generate executables. Unfortunately, these executables are caught by anti-virus products. I’ve had a lot of

Yesterday, one of my customers asked about x64 payloads in Cobalt Strike. Specifically, he wanted to know why Cobalt Strike doesn’t expose them. I’ve already

Several months ago, I was asked if I had a way to get past two-factor authentication on web applications. Criminals do it, but penetration testers

Just in time for this weekend’s North East Collegiate Cyber Defense Competition event, I have a fresh update to Armitage and Cobalt Strike. Here’s the

Joel Spolsky is one of my favorite writers on the topic of software development. He coined a 12-step Joel Test to determine if your company

Java is a popular vector for penetration testers and those who penetrate networks without an invitation. An attacker creates a website to host a Java