Welcome to Penetration Testing with Cobalt Strike. This online 7-part series teaches the method and madness behind using Cobalt Strike. We'll go from the basics of the penetration testing process to sophisticated client-side attacks all the way to modern red team operations.
We also offer live Cobalt Strike training with guided labs and a scenario-based exercise.
1. Introduction
This lecture introduces the penetration testing process and offers an introduction to the Metasploit® Framework, Armitage, and Cobalt Strike. You'll learn how these projects relate and get the background necessary to understand the rest of this series.
2. Remote Attack
This lecture demonstrates how to attack remote services with exploits and credentials. You'll learn how to launch NMap scans, choose the right exploit, import hosts from other tools, manage large numbers of hosts, and generate reports.
3. Client-side Attack
This lecture introduces the client-side attack process. You'll learn how to perform client-side reconnaissance with the system profiler, how to exploit client vulnerabilities, defeat firewall egress situations, and hack with features.
4. Social Engineering
In this lecture, we learn how to dress up our attacks using copies of existing sites. The Cobalt Strike site cloner is introduced. This lecture also shows you how to execute a spear phishing campaign. You'll turn an ordinary email into a pixel perfect phishing template and learn how to send it to thousands of your soon-to-be friends.
5. Post Exploitation
In this lecture, we find our hero in control of several compromised hosts. We learn how to control these hosts, strategically log keystrokes, steal tokens from domain users, and exfiltrate data.
6. Maneuver
This lecture shows how to use one foothold to take over a network. We'll learn how to route traffic through a compromised host, attack hosts through this hop point, and carry out the pass-the-hash attack to gain access to patched systems.
7. Team Operations
In this lecture, you'll learn how to use Cobalt Strike in a team situation. Topics covered include setting up a team engagement, how to use external tools with a Cobalt Strike foothold, how to pass sessions, and how to organize a red team.