Cobalt Strike Archives

Conceptual image representing evasive malware such as Cobalt Strike

65,426

people reacted

Blowing Cobalt Strike Out of the Water With Memory Analysis

By Dominik Reichel, Esmid Idrizovic and Bob Jung
December 2, 2022 at 6:00 AM

15 min. read

Malware conceptual image, covering topics such as Cobalt Strike Team Server, which can be abused by malware authors for malicious purposes

69,622

people reacted

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild

By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
November 3, 2022 at 6:00 AM

9 min. read

Conceptual image representing phishing, including the way Bumblebee malware is distributed, as discussed here

80,130

people reacted

Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware

By Brad Duncan
August 3, 2022 at 12:00 PM

8 min. read

Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive

88,346

people reacted

Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive

By Mike Harbison and Peter Renals
July 19, 2022 at 3:00 AM

15 min. read

A conceptual image representing malware and its evasions.

49,570

people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
July 13, 2022 at 6:00 AM

9 min. read

A conceptual image that represents malware, including the malicious uses of Cobalt Strike and its metadata encoding algorithm covered here.

39,026

people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
May 6, 2022 at 12:00 PM

9 min. read

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

72,567

people reacted

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

By Chris Navarrete, Durgesh Sangvikar, Andrew Guan, Yu Fu, Yanhui Jia and Siddhart Shibiraj
March 16, 2022 at 3:00 PM

9 min. read

A conceptual image representing malware, such as the BazarLoader windows-based malware discussed here.

59,872

people reacted

Case Study: From BazarLoader to Network Reconnaissance

By Brad Duncan
October 18, 2021 at 6:00 AM

7 min. read

A conceptual image representing Wireshark Tutorials.

57,964

people reacted

Wireshark Tutorial: Examining Traffic from Hancitor Infections

By Brad Duncan
April 7, 2021 at 6:00 AM

20 min. read

Malicious email, as depicted here, can be the starting point of a chain of events related to Hancitor infections, which have recently been observed distributing Cobalt Strike and using a noisy network ping tool.

50,593

people reacted

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

By Brad Duncan
April 1, 2021 at 12:00 PM

11 min. read

Posts tagged with: Cobalt Strike

Blowing Cobalt Strike Out of the Water With Memory Analysis

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild

Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware

Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive

Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption

Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

Case Study: From BazarLoader to Network Reconnaissance

Wireshark Tutorial: Examining Traffic from Hancitor Infections

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account