.

[Article]-Video Review: Cobalt Strike Penetration Testing Software

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Jun 29, 2012 5:10 pm

[Article]-Video Review: Cobalt Strike Penetration Testing Software

Ryan Linn is back with another video. This time he explores a new commercial tool that has been spawned from a free tool. But in a twist, this one comes from the same man who wrote the free version. Got to love an entrepreneurial spirit!

Let us know what you think about the tool, it's cost, plans to give it a try or anything else that hits your brain.

Permanent link: [Article]-Video Review: Cobalt Strike Penetration Testing Software


Image


By Ryan Linn

Cobalt Strike is the latest tool that Raphael Mudge (@Armitagehacker) has released at http://www.advancedpentest.com/ to help penetration testers optimize their workflow and pen testing tasks.  Cobalt Strike is a commercially supported version of Armitage, Cyber Attack Management for Metasploit, with a whole slew of new features added to aid in social engineering attacks, phishing, and targeted exploitation.  As described on their own site:

"Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and evaluate mature security programs. Cobalt Strike exploits network vulnerabilities, launches spear phishing campaigns, hosts web drive-by attacks, and generates malware infected files from a powerful graphical user interface that encourages collaboration and reports all activity."

Stay with us after the break as we examine more details of this new software package, thoughts on how it might fit into your arsenal of tools and also an exclusive video by Ryan Linn offering a first look at Cobalt Strike to all EH-Netters.



Don
CISSP, MCSE, CSTA, Security+ SME
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri Jun 29, 2012 5:56 pm

Re: [Article]-Video Review: Cobalt Strike Penetration Testing Software

great tool don it seems cobalt strike works with metasploit right?
ICS Academy Network Security Certified
<<

apollo

Full Member
Full Member

Posts: 146

Joined: Fri Apr 04, 2008 7:44 pm

Post Fri Jun 29, 2012 11:48 pm

Re: [Article]-Video Review: Cobalt Strike Penetration Testing Software

Just to be clear, Cobalt Strike leverages Metasploit for a lot of it's attacks.  It's a further development for the Armitage front end that acts as a Java based front end for Metasploit, but Cobalt Strike has addressed a lot of the workflow, reporting, and other automation that isn't easy from within Armitage, Metasploit base install or other tools that leverage Metasploit.  Cobalt Strike is a step forward from just "using Metasploit" to letting a Pen Tester take advantage of the framework core functions, but allowing a lot of the things that become tedious to be made easy through the GUI interface.  It is session aware, allows you to set easy pre-sets that are selectable, allow you to run exploits against groups of hosts, and other things that the other tools just don't let you do as easily. 
CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Sat Jun 30, 2012 1:09 am

Re: [Article]-Video Review: Cobalt Strike Penetration Testing Software

Thanks apollo for your efficient answer.
ICS Academy Network Security Certified

Return to Linn

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software