Extending Functionality

Part of what makes Cobalt Strike such a good C2 framework is native ability to support customized and diverse behaviors. There are three primary native methods for extending functionality: Artifact Kits, Resource Kits, and Aggressor Scripts.

Aggressor Scripts

By default aggressor scripts can leverage PowerShell, Execute-Assembly, Shellcode Injection, and DLL Injection.

Cobalt strike has many native functions which can be used to build powerful aggressor scripts that leverage code that wasn't originally designed to run in a beacon.

PreviousCobalt Strike

Last updated 2 years ago

Was this helpful?