Cobalt Strike was born has a penetration testing tool, useful for Red Teaming activities. However, several threat actors started using it in real attacks. So, a proper detection of Cobal Strike activities during an incidend respose process is extremely important. A security researcher known as “Apra” has published on his GitHub account [2] a new […]
The post CobaltStrikeScan: identify CobaltStrike beacons in processes memory first appeared on Andrea Fortuna.
Article Link: https://www.andreafortuna.org/2020/11/03/cobaltstrikescan-identify-cobaltstrike-beacons-in-processes-memory/