Penetration Testing Software Cobalt Strike Adds Support for Cloud-based Redirectors

Cobalt Strike is known in the industry as a popular penetration testing software designed to allow red teams, penetration testers, and consultants to execute sophisticated attacks on systems.

In an effort to better simulate the distributed nature of today’s persistent attacks, Cobalt Strike added full support for redirectors last week, according to a blog post by Raphael Mudge, founder of Strategic Cyber LLC and the developer of Cobalt Strike. Redirectors proxy all traffic to a command-and-control server, and can take the form of cheap Amazon EC2 instances.

Mudge’s blog post explains how to setup redirectors that give one Cobalt Strike instance multiple points of presence on the internet. The configurations described would attempt to send the payload via multiple redirectors even if some redirectors get blocked by the target system.

Security personnel are increasingly dealing with large-scale attacks distributed across cloud services. According to research recently released by Arbor Networks, DDoS attacks grew enormously in 2013. The average DDoS occurrence in 2013 was 2.64Gb/sec, a 78 percent increase from 2012.

Subscribe to WHIR Newsletters & Get Our Exclusive Report on "The Hosting Infrastructure Ecosystem".


Subscribe Now and Get Our Exclusive Report on "The Hosting Infrastructure Ecosystem"

About the Author

David Hamilton is an Associate Editor of the WHIR. The Toronto-based technology journalist has written for the National Post and other news outlets. He has covered the hosting industry internationally for the WHIR with particular attention to innovative hosting solutions and the issues facing the industry. David is a graduate of Queen’s University and the Humber College School of Media Studies.

Add Your Comments

  • (will not be published)