Notice: There is a serious security flaw in Cobalt Strike 3.5 and below (2.x is deprecated and assumed affected as well). Please read the advisory for more details.


Microsoft Word and Excel Macro Attack

The Microsoft Office Macro tool will generate a macro to embed into a Microsoft Word or Microsoft Excel document. Go to Attacks -> Packages -> MS Office Macro.

Choose a listener and press Generate to create a malicious MS Office Macro. Cobalt Strike will provide step-by-step instructions to embed your macro into a Word or Excel document.

This attack works well when you can convince a user to run macros when they open your document.