William Burgess (@joehowwolf)
Followers: 2K · Following: 19K · Media: 46 · Statuses: 2K
Ex-theoretical physicist, currently terrible hacker and wannabe security researcher. Views are, regrettably, my own. Likes = bookmarks
Joined September 2014
Ever wanted to make your sketchy sys calls look squeaky clean? I wrote a blog demonstrating a PoC which calls NtOpenProcess to grab a handle to lsass with an arbitrary/spoofed call stack: https://t.co/SWLenJazWW PoC:
github.com
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess) - WithSecureLabs/CallStackSpoofer
New Blog: Based on his talk at Black Hat, @0xTriboulet discusses integrating Windows AI/ML APIs into Cobalt Strike’s workflows and presents proof-of-concept implementations for AI-augmented post-exploitation capabilities in Cobalt Strike. https://t.co/B8icpllZHV
Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. https://t.co/761G96JDF1
I will be presenting at Beacon conf next week on “Linkers and Loaders: Experiments with Crystal Palace”. If you enjoy filthy PIC tradecraft it may be of interest!
eventbrite.co.uk
The fourth year of Beacon: London's home of hackers, hunters and EDR dodgers.
I am excited for us to finally share our fully user-mode detection agent research preview! Intel Processor Trace, Last Branch Record, thread scheduler and PMU telemetry all from user-mode, using the latest Windows features!
Announcing our whitepaper on the future of endpoint security. https://t.co/NogsQiku9B
Published a small collection of PIC loaders for Cobalt Strike, based on my experiments with Crystal Palace. https://t.co/Ftot017HXW
github.com
A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike - rasta-mouse/Crystal-Loaders
Chrome Remote Desktop can offer red teamers a subtle way to bypass restrictions—if they know how to use it. In this blog, @Oddvarmoe reveals a practical guide to repurposing Chrome Remote Desktop on red team operations. Read it now!
trustedsec.com
I'm finally releasing a project that I've been working on for a little while now. Here's Boflink, a linker for Beacon Object Files. https://t.co/herd91NIGF Supporting blog post about it.
blog.cybershenanigans.space
Intro This is a blog post written for a project I recently released. The source code for it can be found here on Github. Background The design of Cobalt Strike’s Beacon Object Files is rather unique...
[BLOG] Integrating Tradecraft Garden PIC loaders into Cobalt Strike https://t.co/vHZyptx3xo
[BLOG] Dynamically Instrumenting Beacon with BeaconGate - For All Your Call Stack Spoofing Needs!
cobaltstrike.com
See how to instrument Beacon via BeaconGate and walk through return address spoofing, indirect syscalls, and a call stack spoofing technique, Draugr.
The final part of @j00ru’s Windows Registry series is live! Contains all the hive memory corruption exploitation you’ve been waiting for https://t.co/OYiomWuQ6V
Cobalt Strike 4.11 is out now! This release introduces a novel Sleepmask, a novel process injection technique, a new prepend reflective loader with new evasive options, asynchronous BOFs, DNS over HTTPs and more! https://t.co/h6ly1wxWp0
👀
Planning on tinkering with #offensivesecurity over the holidays? After all, 'tis the season to get ahead of #cyberattacks! In this short demo of the #CobaltStrike mutator kit we show how easy it is to generate LLVM randomized sleepmasks and #BOFs https://t.co/lq8m2NXLrn
😍😍😍
[BLOG] This post summarises how to tie Cobalt Strike's UDRL, SleepMask, and BeaconGate together for your syscall and call stack spoofing needs. https://t.co/7wTF0zqgPP
rastamouse.me
I've been looking into Cobalt Strike's UDRL, SleepMask, and BeaconGate features over the last couple of days. It took me some time to understand the relationship between these capabilities, so the...
I drafted a janky mind map of Beacon's components and their relationships. Might be able to make it neater if people find it useful. Perhaps we could get this on a desk mat @joehowwolf 😅
New blog: Get details on recent changes, upcoming plans for #CobaltStrike R&D, and our strategy for increased communication. https://t.co/OMBZxlReaA
New CS Blog - Revisiting the UDRL Part 3: https://t.co/69dLKAEsZ7 If you like the idea of loading a custom c2 channel in your UDRL then this blog may be of interest 👀
cobaltstrike.com
Learn UDRL's role in runtime masking, including how to track Beacon with BUD and loading an External C2 DLL at the same time as Beacon and mask both DLLs at runtime with Sleepmask-VS.
The video just went live for my recent @BlueHatIL talk about a new Windows vulnerability class, including an exploit for kernel code execution 👇 https://t.co/b1oRjXOKM5
When I was a sec consultant, one of my favourite days was when a new CS dropped and there were plenty of goodies to play with. A lot of effort went into this release and there is a looot of cool stuff to hack around with