Cobalt Strike adalah alat simulasi serangan perangkat lunak. Melakukan sasaran serangan terhadap perusahaan-perusahaan modern dengan salah satu alat serangan jaringan paling kuat yang tersedia untuk pengujian penetrasi.
18 May 16 - Cobalt Strike 3.3
---------
+ Added krbtgt helper to Golden Ticket dialog.
+ Added filter feature (Ctrl+F) to most of Cobalt Strike's tables.
+ Raised data model retention limits again.
+ cobaltstrike.exe on x64 Windows now looks for x86 Java if x64 Java is not found
+ Removed remnants of non-existant task command.
+ Aliased ? to help in Beacon console.
+ Mitigated DOS condition that could stop Team Server from accepting new clients
+ Fixed conflict between Malleable C2 partial URIs (uri-append) and HTTP/S
staging protocol. Malleable C2 partial URIs requests match to handler first.
+ Added c2profile info to Help -> System Information
+ Made keystroke logger loop tighter.
+ Added powerpick command to run PowerShell via Unmanaged PowerShell technique
+ Added psinject command to inject Unmanaged PowerShell into a specific process
+ Added 3389 to default portscan port list.
+ Made multiple error checking enhancements to c2lint.
+ Added Reload button to Script Manager dialog.
+ Added ready column to Script Manager to indicate if script is loaded or not.
+ Ctrl+Shift+D closes all tabs except the active one.
+ note[space][tab] now completes the current Beacon note.
+ Added net time to Beacon's net module.
+ powershell-import size check occurs *after* compressing the script.
+ DNS server responds to (unexpected) AAAA requests with an empty answer section
+ Mimikatz parser now preserves passwords with spaces.
+ Beacon now uses encrypt-then-MAC to verify task/response message integrity
+ Updated web server to have enough Range request support to satisfy bitsadmin
+ Replaced PowerShell Web Delivery with Scripted Web Delivery. This dialog
generates artifacts and one-liners to deliver payloads with: bitsadmin,
powershell, python, and regsrv32.
+ Added VBA shellcode injection option to the HTML Application Attack.
+ Added an option to use x64 stagers/stages to:
- Attacks -> Packages -> Payload Generator
- Attacks -> Packages -> Windows Executable
- Attacks -> Packages -> Windows Executable (S)
+ Added x64 artifacts to the Artifact Kit
+ Added shinject command to inject shellcode into a process
+ Made the following updates to Aggressor Script:
- &binject now accepts an arch (x86, x64) parameter.
- Added &beacon_ids function to get all Beacon IDs
- Added &bpowerpick / &bpsinject functions to go with the above.
- Added &openScriptedWebDialog for Scripted Web Delivery
- Added &bshinject to go with shinject command
- Extended &shellcode with an x86/x64 architecture parameter
- Extended &artifact with an x86/x64 architecture parameter
- Extended &artifact types with powershell, vbscript, and python
- Extended &powershell with an x86/x64 architecture parameter
- &agServices now limits its results to hosts in targets model only.
+ The make_token command now accepts passwords with spaces.
+ Improved Bypass UAC attack's reliability. It also gives feedback now.