Technical Director, Cybersecurity at @HelpSystemsMN. Creator of Cobalt Strike for Red Team Ops. Email raffi@strategiccyber.com
Always on Twitter hiatus.
I like this hashtag. This was the impetus of Cobalt Strike. In 2012, our industry's threat model was blind to targeted attack process and post-ex steps had little interest. Goal was to change that and have threat representative security tests.
blog.cobaltstrike.com/2014/1…
Put together a thing.
CSSG - Cobalt Strike Shellcode Generator
Aggressor script and menu system to more easily generate Beacon (and other) shellcode with various options.
github.com/RCStep/CSSG
I wrote a blog & proof of concept for a Beacon Object File that performs remote process injection via thread hijacking instead of spawning a new thread. This was a lot of fun & I’m glad operators who leverage Cobalt Strike can now run in-memory C tools!! connormcgarr.github.io/threa…
Just released a new @OutflankNL Cobalt Strike BOF project which uses direct system calls to enumerate processes for specific loaded modules or process handles. E.g. to find open handles to LSASS or processes with CLR loaded for execute-assembly spawnto. github.com/outflanknl/FindOb…