2022-10-17 23:19   Out Of Band Update: Cobalt Strike 4.7.2    #cobaltstrike blog #安全文章 Cobalt Strike 4.7.2 is now available. This is an out of band update to fix a remote code execution vulnerability that is rooted in Java Swing but which can be exploited in Cobalt Strike. Remote Code Execution Vulnerability I’d like to start by giving credit to Rio Sherri (0x09AL) and Ruben Boo

2022-09-20 22:32   Out Of Band Update: Cobalt Strike 4.7.1    #cobaltstrike blog #安全文章 Cobalt Strike 4.7.1 is now available. This is an out of band update to fix an issue discovered in the 4.7 release that was reported to be impacting users, and for which there was no workaround. We also took the opportunity to address a vulnerability that was reported shortly after the 4.7 release, a

2022-08-17 21:36   Cobalt Strike 4.7: The 10th Anniversary Edition    #cobaltstrike blog #安全文章 Cobalt Strike 4.7 is now available. This release sees support for SOCKS5, new options to provide flexibility around how BOFs live in memory, updates to how Beacon sleeps and a number of other changes that have been requested by our users. We’ve also given the user interface a bit of a refresh (inclu

2022-07-26 23:52   Celebrating 10 Years of Cobalt Strike    #cobaltstrike blog #安全文章 Can you believe it? Cobalt Strike is 10 years old! Think back to the summer of 2012. The Olympics were taking place in London. CERN announced the discovery of a new particle. The Mars Rover, Curiosity, successfully landed on the red planet. And despite the numerous eschatological claims of the world

2022-06-21 23:38   Arsenal Kit Update: Thread Stack Spoofing    #cobaltstrike blog #安全文章 As I mentioned in the recent Roadmap Update blog post, we are in the process of expanding the Cobalt Strike development team and ramping up our research activities so that we can release more tools outside of the core product release schedule. We’re also acutely aware of Cobalt Strike’s

2022-06-07 22:43   There’s Another New Deputy in Town    #cobaltstrike blog #安全文章 Things are moving in the Cobalt Strike world…And they are moving… FAST. When I started my position with the Cobalt Strike team, I got to meet the team in person in the head office in Eden Prairie, Minnesota.I can’t say much yet, but the team has been cooking up some cool stuff coming into the

2022-05-23 23:34   Out Of Band Update: Cobalt Strike 4.6.1    #cobaltstrike blog #安全文章 Cobalt Strike 4.6.1 is now available. This is an out of band update to fix a few issues that were discovered in the 4.6 release that were reported to be impacting users and for which there was no workaround. This does not affect the 4.7 release, which is still on track to ship this summer. [...]Read

2022-04-20 22:56   Cobalt Strike 4.6: The Line In The Sand    #cobaltstrike blog #安全文章 Cobalt Strike 4.6 is now available. As I mentioned in the recent Roadmap Update blog post, this isn’t a regular release, as it mostly focuses on security updates. There are also a couple of useful updates for users. A major release is planned for this summer, so this release lays the groundwork for

2022-03-30 23:16   Building Upon a Strong Foundation    #cobaltstrike blog #安全文章 In the weeks ahead, Cobalt Strike 4.6 will go live and will be a minor foundational release before we move into our new development model. This release will be less about features and is more focused on bolstering security even further. This is all in preparation for a much bigger release later, whi

2022-03-08 22:46   Cobalt Strike Roadmap Update    #cobaltstrike blog #安全文章 Historically, Raphael Mudge, the creator of Cobalt Strike, didn’t typically talk about the Cobalt Strike roadmap publicly. He preferred to play his cards close to his chest and only revealed the details about each release when it went live (and he didn’t give much warning about the release date, eit

2022-03-01 04:29   Joe’s Transition    #cobaltstrike blog #安全文章 My career is taking me in a new and exciting direction, and I am stepping down from my role on the Cobalt Strike team. I’ve spent the last year helping HelpSystems integrate Cobalt Strike into their processes and shift from a single developer to a team effort. I can honestly say that “Co

2022-02-22 02:29   Incorporating New Tools into Core Impact    #cobaltstrike blog #安全文章 Core Impact has further enhanced the pen testing process with the introduction of two new modules. The first module enables the use of .NET assemblies, while the second module provides the ability to use BloodHound, a data analysis tool that uncovers hidden relationships within an Active Directory (

2022-02-16 01:36   Cobalt Strike Training Options    #cobaltstrike blog #安全文章 The Cobalt Strike training web page has been updated. https://www.cobaltstrike.com/training/ The training web page lists free courses created by the Cobalt Strike team that provide an overview of the product. It also lists courses offered by trusted 3rd parties. The 3rd party courses use Cobalt Stri

2021-12-21 04:42   Writing Beacon Object Files: Flexible, Stealthy, and Compatible    #cobaltstrike blog #安全文章 Our colleagues over at Core Security have been doing great things with Cobalt Strike, making use of it in their own engagements. They wrote up this post on creating Cobalt Strike Beacon Object Files using the MinGW compiler on Linux. It covers several ideas and best practices that will increase the

2021-12-20 23:51   User Defined Reflective Loader (UDRL) Update in Cobalt Strike 4.5    #cobaltstrike blog #安全文章 The User Defined Reflective Loader was first introduced in Cobalt Strike 4.4. to allow the creation and use of a custom reflective loader. This quickly took off by the community and its limits were pushed. Updates were made in 4.5 to help address some of these limits. Updates Increase size A new hoo