Penetration Testing
Web Application Penetration Testing
Ransomware Readiness Assessment
Mobile App Assessment
Remote Access Assessment
Purple Team
If you are threat vulnerable,
Let our Offense prepare you with the strongest Defense.
contact@redsiege.com
______________________________________________________________
Today, Red Siege breaks down Cobalt Strike with Tech Director Joe Vest
SiegeCast: "COBALT STRIKE BASICS"
Presented by
Tim Medin ( @timmedin )
Slides: redsiege.com/cobaltstrike
Follow Us
Twitter: / ​
Facebook: / ​
Linkedin: / reds​. .
_______________________________________________________
Red Siege Founder: Tim Medin (tim@redsiege.com)
Twitter: @timmedin
Red Siege is an information security consulting company that concentrates on the latest threats to organizations today. We perform in-depth analysis, determine organization/business risk, and find the vulnerabilities before the bad guys do. Our team includes internationally renowned experts who have been featured in international news outlets and conferences, including The Wall Street Journal, The Washington Post, a News Channel Asia Documentary.
redsiege.com​
#hacking​ #infosec​ #pentesting
00:00 Cobalt Strike Basics
00:20 Intro
2:00 What is Cobalt Strike?
5:06 Set up and Architecture
5:13 Cobalt Strike Setup
6:11 Team Server
7:08 Beacon Comms
8:06 Redirector
11:00 Malleable C2
18:00 Artifact Kit (And Others)
23:20 Stay in Memory
24:42 In Memory Execution
25:26 Loader
26:27 HIding in Memory
28:07 Powershell
30:41 Arbitrary Shellcode
31:03 App Control Bypasses
36:34 Lateral Movement
36:40 Using Creds and Access to Move
39:47 Top Methods
40:32 How to Get Creds
52:09 C2 Design
52:18 Attack Infrastructure
54:02 Operational Security
54:42 Cloud Fronting
55:32 Domain Selection
56:29 C2 Methods
57:08 Named Pipe
59:49 Built in Features
1:01:09 Detection
1:01:47 WTH is JA3
1:02:22 JA3 Calculation
1:02:37 JA3 Detections
1:03:20 Stop Focusing on The Tool
1:07:00 Q&A