Cobalt Strike is a security tool used by ethical hacker to assist security posture of their organization while also used by threat actors offensively to compromise a target environment.
Cobalt Strike have many capabilities I.e
- Reconnaissance
- Weaponization
- Exploitation
- Post-Exploitation
- Persistence
- and more…
How to install cobalt-stirke in linux?
To download cobalt strike, please visit: https://www.cobaltstrike.com/download
Once your have downloaded the zip file (cobaltstrike-dist.tgz), you can unzip it using the following command: tar -xvzf cobaltstrike-dist.tgz
You can now change your current directory to cobaltstrike, and run the update executable since this is your first time running cobalt strike. Make sure to enter your license key after executing update.
This may require a few minutes to complete. Next you can start the cobalt strike server located within the same directory called teamserver. To execute team server, you need the local interface IP address that the server needs to listen to and the password required for the users to connect to the team server.
sudo ./teamserver 192.168.2.115 'someHuge_Strong+Password_'
Now that the server is running, you can remotely connect from any where by executing the cobaltstrike executable.
Enter the IP address of the teamserver, and the password that were chosen above “someHuge_Strong+Password_”.
If the credentials worked successfully, you will be presented with a hash, make sure that this hash matches SHA256 hash of SSL Cert in the teamserver.
After that hoala!
