SSL certificate verification for failed
TL;DR a certificate for part of the Cobalt Strike update infrastructure changed. Download the 20200511 distribution package to avoid certificate verification errors. If you recently
TeamServer.prop
Following the 4.4 release, you may have noticed a warning message when starting your teamserver: The missing file is optional and its absence does not
Use Armitage and Cobalt Strike on Amazon’s EC2
James Webb has an interesting blog post on how to use Armitage to manage a pen test through Amazon’s Elastic Computing Cloud. He does a
User Exploitation at Scale
Some hackers only think about access. It’s the precious. How to get that first shell? I don’t care too much about this. I’m concerned about
User-driven Attacks
A user-driven attack is an attack that relies on a feature to get code execution. Most penetration testers I know rely on user-driven attacks over
Why do I always use 32-bit payloads?
Yesterday, one of my customers asked about x64 payloads in Cobalt Strike. Specifically, he wanted to know why Cobalt Strike doesn’t expose them. I’ve already