Alexis Brignoni on Teaching and Learning Python: Why It’s Important and What’s Involved

Christa: In digital forensics, knowing how to write code allows you to create your own forensic tools, test other people’s tools and contribute to the community overall. But among all the learning choices from books to training courses, s…

Cobalt Strike Sleep Python Bridge

This project started after seeing how the user community tweaks and tunes Cobalt Strike. I was inspired by @BinaryFaultline and @Mcgigglez16 in their project https://github.com/emcghee/PayloadAutomation and blog post http://blog.redxorblue.com/2021/06/introducing-striker-and-payload.html. They created a clever way to interact with a teamserver without the GUI. Before I get too far, I’ll touch on Aggressor scripting and the Sleep […]

The post Cobalt Strike Sleep Python Bridge appeared first on Cobalt Strike Research and Development.

Introducing Mimikatz Kit

You can now update Mimikatz between Cobalt Strike releases. Updates will periodically be made available to licensed users via the Arsenal as the Mimikatz Kit. Usage: download and extract the .tgz from the Arsenal (note: the version uses the Mimikatz release version naming, i.e., 2.2.0.20210724); load the mimikatz.cna Aggressor script; use Mimikatz functions as normal […]

The post Introducing Mimikatz Kit appeared first on Cobalt Strike Research and Development.

CredBandit (In memory BOF MiniDump) – Tool review – Part 1

One of the things I find fascinating about being on the Cobalt Strike team is the community. It is amazing to see how people overcome unique challenges and push the tool in directions never considered. I want to explore this with CredBandit (https://github.com/xforcered/CredBandit). This tool has had updates since I started exploring. I’m specifically looking at […]

The post CredBandit (In memory BOF MiniDump) – Tool review – Part 1 appeared first on Cobalt Strike Research and Development.

New home for Cobalt Strike malleable c2 profiles and scripts

The Cobalt Strike references (malleable c2 profiles, scripts, Elevate Kit, etc.) have been consolidated under a new GitHub account: https://github.com/cobalt-strike. We understand that many blog posts (and even our documentation) have references to the original links. The original links will be available for the time being but may not be in the future. Update your […]

The post New home for Cobalt Strike malleable c2 profiles and scripts appeared first on Cobalt Strike Research and Development.

Create listeners with an aggressor script – listener_create_ext

This short post is a follow-up to the post “Manage Cobalt Strike with Services” where I described a method to automate Cobalt Strike teamservers by creating services. In this post, I will take a closer look at the aggressor function that is used to create listeners, listener_create_ext, to expand on the documentation and provide an […]

The post Create listeners with an aggressor script – listener_create_ext appeared first on Cobalt Strike Research and Development.

Manage Cobalt Strike with Services

This post is part of a “Quality of Life” series, where tips and tricks will be shared to make using Cobalt Strike easier. Cobalt Strike is a post-exploitation framework and requires customization to meet your specific needs. This flexibility is one of the most powerful features of Cobalt Strike. While this is great, some may […]

The post Manage Cobalt Strike with Services appeared first on Cobalt Strike Research and Development.

BASH Template Promises Safer Scripts

Many bash scripts start out as something quick and dirty but then become so useful that they live for years, indeed sometimes seeing more use than our traditional programs. Now that you can even run bash well under Windows (although, you’ve always been able to run it there if you …
