System Profiler

The system profiler is a reconnaissance tool for the client-side attack process. This tool starts a local web-server and fingerprints any one who visits it. The system profiler discovers the internal IP address of users behind a proxy along with several applications and their version information.

To start the system profiler, go to Attacks -> Web Drive-by -> System Profiler.

The start the profiler you must specify a URI to bind to and a port to start the Cobalt Strike web-server from. If you specify a Redirect URL, Cobalt Strike will redirect visitors to this URL once their profile is taken. Click Launch to start the system profiler.