[Article]-Video Review: Cobalt Strike Penetration Testing Software

Viewing 3 reply threads
  • Author
    Posts
    • #7673
      Don Donzal
      Keymaster

      Ryan Linn is back with another video. This time he explores a new commercial tool that has been spawned from a free tool. But in a twist, this one comes from the same man who wrote the free version. Got to love an entrepreneurial spirit!

      Let us know what you think about the tool, it’s cost, plans to give it a try or anything else that hits your brain.

      Permanent link: [Article]-Video Review: Cobalt Strike Penetration Testing Software

      [align=center:dbqvosvb][/align:dbqvosvb]

      By Ryan Linn

      Cobalt Strike is the latest tool that Raphael Mudge (@Armitagehacker) has released at http://www.advancedpentest.com/ to help penetration testers optimize their workflow and pen testing tasks.  Cobalt Strike is a commercially supported version of Armitage, Cyber Attack Management for Metasploit, with a whole slew of new features added to aid in social engineering attacks, phishing, and targeted exploitation.  As described on their own site:

      Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and evaluate mature security programs. Cobalt Strike exploits network vulnerabilities, launches spear phishing campaigns, hosts web drive-by attacks, and generates malware infected files from a powerful graphical user interface that encourages collaboration and reports all activity.

      Stay with us after the break as we examine more details of this new software package, thoughts on how it might fit into your arsenal of tools and also an exclusive video by Ryan Linn offering a first look at Cobalt Strike to all EH-Netters.

      Don

    • #47887
      cyber.spirit
      Participant

      great tool don it seems cobalt strike works with metasploit right?

    • #47888
      apollo
      Participant

      Just to be clear, Cobalt Strike leverages Metasploit for a lot of it’s attacks.  It’s a further development for the Armitage front end that acts as a Java based front end for Metasploit, but Cobalt Strike has addressed a lot of the workflow, reporting, and other automation that isn’t easy from within Armitage, Metasploit base install or other tools that leverage Metasploit.  Cobalt Strike is a step forward from just “using Metasploit” to letting a Pen Tester take advantage of the framework core functions, but allowing a lot of the things that become tedious to be made easy through the GUI interface.  It is session aware, allows you to set easy pre-sets that are selectable, allow you to run exploits against groups of hosts, and other things that the other tools just don’t let you do as easily. 

    • #47889
      cyber.spirit
      Participant

      Thanks apollo for your efficient answer.

Viewing 3 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?