[Article]-Video Review: Cobalt Strike Penetration Testing Software

[don]

Ryan Linn is back with another video. This time he explores a new commercial tool that has been spawned from a free tool. But in a twist, this one comes from the same man who wrote the free version. Got to love an entrepreneurial spirit!

Let us know what you think about the tool, it's cost, plans to give it a try or anything else that hits your brain.

Permanent link: [Article]-Video Review: Cobalt Strike Penetration Testing Software

By Ryan Linn

Cobalt Strike is the latest tool that Raphael Mudge (@Armitagehacker) has released at http://www.advancedpentest.com/ to help penetration testers optimize their workflow and pen testing tasks.  Cobalt Strike is a commercially supported version of Armitage, Cyber Attack Management for Metasploit, with a whole slew of new features added to aid in social engineering attacks, phishing, and targeted exploitation.  As described on their own site:

   "Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and evaluate mature security programs. Cobalt Strike exploits network vulnerabilities, launches spear phishing campaigns, hosts web drive-by attacks, and generates malware infected files from a powerful graphical user interface that encourages collaboration and reports all activity."

Stay with us after the break as we examine more details of this new software package, thoughts on how it might fit into your arsenal of tools and also an exclusive video by Ryan Linn offering a first look at Cobalt Strike to all EH-Netters.

Don

[Cyber.spirit]

great tool don it seems cobalt strike works with metasploit right?

[apollo]

Just to be clear, Cobalt Strike leverages Metasploit for a lot of it's attacks.  It's a further development for the Armitage front end that acts as a Java based front end for Metasploit, but Cobalt Strike has addressed a lot of the workflow, reporting, and other automation that isn't easy from within Armitage, Metasploit base install or other tools that leverage Metasploit.  Cobalt Strike is a step forward from just "using Metasploit" to letting a Pen Tester take advantage of the framework core functions, but allowing a lot of the things that become tedious to be made easy through the GUI interface.  It is session aware, allows you to set easy pre-sets that are selectable, allow you to run exploits against groups of hosts, and other things that the other tools just don't let you do as easily. 

[Cyber.spirit]

Thanks apollo for your efficient answer.