Alleged source code of Cobalt Strike toolkit shared online


The source code for the widely used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository.

Cobalt Strike is a legitimate penetration testing toolkit that allows attackers to deploy “beacons” on compromised devices to remotely “create shells, execute PowerShell scripts, perform privilege escalation, or spawn a new session to create a listener on the victim system.”

Cobalt Strike is an immensely popular tool among threat actors, who use cracked versions to gain persistent remote access to a compromised network. The tool is commonly seen in use during ransomware attacks.

Source: Bleeping Computer