Software for Adversary Simulations and Red Team Operations

Cobalt Strike is a standard-setting adversary simulation tool, recognized globally for facilitating red team operations with its signature payload and extensible C2 framework to accurately replicate the tactics of today’s advanced threat actors

Beacon: The Customizable Post-Exploitation Payload

Beacon, Cobalt Strike’s signature payload, models the behavior of advanced adversaries to perform post-exploitation activities. Beacon offers multiple avenues of communication, including:

PRODUCT SUMMARY
Authored by: Ernesto Alvarez, Senior Security Consultant, Security Consulting Services

This article describes techniques used for creating UDP redirectors for protecting Cobalt Strike team servers. This is one of the recommended mechanisms for hiding Cobalt Strike team servers and involves adding different points which a Beacon can contact for instructions when using the HTTP channel.

The global chaos of last year was also seen in the digital world, as cyber attackers were seemingly relentless in their efforts. Such activity underscores the importance of penetration testing to assess and test security vulnerabilities, which allow you to better evaluate risk and be ready to detect, prevent and respond to threats as they happen.

How Mature is Your Vulnerability Management Program?

Security vulnerabilities are one of the most common problems in cybersecurity today, as they may exist in operating systems, services and application flaws, improper configurations or risky end-user behavior. According to the statistics from the Common Vulnerabilities and Exposures list, 12,174 new vulnerabilities were uncovered in 2019—over 13 times as many as were discovered in 1999, when the database first came into existence.

Subscribe to Cobalt Strike