We’re excited to announce the launch of a brand-new Cobalt Strike training course, created in collaboration between Fortra and Zero-Point Security. This unique partnership brings together the expertise of Cobalt Strike’s team with the field-tested training experience of Zero-Point Security to deliver an unmatched learning opportunity. Through this course users can learn how to use [...] (Post: Get to Know Cobalt Strike: New Introductory Training)| Cobalt Strike
Explore the requirements for AI/ML in post-exploitation scenarios and key advancements in Windows AI/ML APIs that enable integrating them into Cobalt Strike workflows.| Cobalt Strike
TL;DR: In this blog we’ll demonstrate how to instrument Beacon via BeaconGate and walk through our implementations of return address spoofing, indirect syscalls, and a call stack spoofing technique, Draugr, that are now available in Sleepmask-VS. Furthermore, we’ll provide tips and tricks for developers in getting set up with Sleepmask-VS so they can write their [...] (Post: Dynamically Instrumenting Beacon With BeaconGate – For All Your Call Stack Spoofing Needs!)| Cobalt Strike
Cobalt Strike 4.11.1 is now available. This is an out of band update to fix an issue regarding module stomping that was discovered in the 4.11 release that we felt should be fixed prior to the next release. Besides that issue, this out of band release also allowed us to include two other smaller bugfixes/quality [...] (Post: Out of Band Update: Cobalt Strike 4.11.1)| Cobalt Strike
Cobalt Strike 4.11 is now available. This release introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs, and a DNS over HTTPS (DoH) Beacon. Additionally, we have overhauled Beacon’s reflective loader and there are numerous QoL updates. Out-of-the-Box Evasion Overhaul: The focus of this release (and the [...] (Post: Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….)| Cobalt Strike
Cobalt Strike 4.10.1 is now available. This is an out of band update to fix issues that were discovered in Cobalt Strike 4.10 that we felt should be fixed before the next release. This update does not affect the 4.11 release which is well underway and due to ship in early 2025. Multiple Team Server [...] (Post: Out of Band Update: Cobalt Strike 4.10.1)| Cobalt Strike
TLDR: Cobalt Strike Staffing Changes. Recently there have been some internal changes within the Cobalt Strike team. Greg Darwin has switched to a new position within Fortra. Greg has been the face of Cobalt Strike within the community for a number of years and we thank Greg for all his work and effort he put [...] (Post: Cobalt Strike Staffing Changes and the Road Ahead)| Cobalt Strike
The UDRL and the Sleepmask are key components of Cobalt Strike’s evasion strategy, yet historically they have not worked well together. For example, prior to CS 4.10, Beacon statically calculated its location in memory using a combination of its base address and its section table. This calculation was then modified depending on the contents of [...] (Post: Revisiting the UDRL Part 3: Beacon User Data)| Cobalt Strike
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...] (Post: Cobalt Strike 4.10: Through the BeaconGate)| Cobalt Strike
Updates on the joint efforts of Microsoft’s Digital Crimes Unit (DCU), Fortra, and Health-ISAC to combat the use of unauthorized, legacy copies of Cobalt Strike| Cobalt Strike