Cobalt Strike 4.5
Cobalt Strike 4.5
Adversary Simulations and Red Team Operations are security assessments that replicate the tactics and techniques of an advanced adversary in a network. While penetration tests focus on unpatched vulnerabilities and misconfigurations, these assessments benefit security operations and incident response.
Why Cobalt Strike?
Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer’s network. Malleable C2 lets you change your network indicators to look like different malware each time. These tools complement Cobalt Strike’s solid social engineering process, its robust collaboration capability, and unique reports designed to aid blue team training.
Cobalt Strike is threat emulation software. Execute targeted attacks against modern enterprises with one of the most powerful network attack kits available to penetration testers. This is not compliance testing.
Reconnaissance
Cobalt Strike’s system profiler discovers which client-side applications your target uses, with version information.
Covert Communication
Beacon’s network indicators are malleable. Load a C2 profile to look like another actor. Use HTTP, HTTPS, and DNS to egress a network. Use named pipes to control Beacons, peer-to-peer, over the SMB protocol.
Spear phishing
Import a message and let Cobalt Strike replace links and text to build a convincing phish for you. Cobalt Strike sends email and tracks who clicks.
Collaboration
Connect to a Cobalt Strike team server to share data, communicate in real-time, and control systems compromised during the engagement.
Post Exploitation
Beacon is Cobalt Strike’s payload to model an advanced actor. Beacon executes PowerShell scripts, logs keystrokes, takes screenshots, downloads files, and spawns other payloads.
Attack Packages
Use Cobalt Strike to host a web drive-by attack or transform an innocent file into a trojan horse.
Java Applet Attacks
Microsoft Office Documents
Microsoft Windows Programs
Website Clone Tool
Browser Pivoting
Use a Browser Pivot to go around two-factor authentication and access sites as your target.
Reporting and Logging
Cobalt Strike’s reports provide a timeline and a list of indicators from red team activity. These reports are made to benefit our peers in security operations. Cobalt Strike exports reports as both PDF and MS Word documents.