Alleged source code of Cobalt Strike toolkit shared online

Correlate

Level 16
Verified
May 4, 2019
724
6,871
The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository.

Cobalt Strike is a legitimate penetration testing toolkit that allows attackers to deploy "beacons" on compromised devices to remotely "create shells, execute PowerShell scripts, perform privilege escalation, or spawn a new session to create a listener on the victim system."

Cobalt Strike is an immensely popular tool among threat actors who use cracked versions to gain persistent remote access to a compromised network. This tool is commonly seen used during ransomware attacks.
 
Top