Cyber Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
2024-07-30T10:33:00Z
Jul 30, 2024
I use it a lot for independent research. I have a copy with me on my Kali box. There’s a good reason that it’s currently the best C2 in the market right now. It’s because of its versatility; you can modify it a lot and tamper with it. As a C2, it does its job extremely well. It can adapt to a lot of situations. You can write malleable C2 profiles in its own specific language named Aggressor Script, which is mostly used for threat emulation. Like, if you want to emulate a specific TTP, you write a specific C2 profile so that in your red team engagements, you can mimic an enemy adversary that you want to protect against. It uses a lot of industry-standard tools. For example, it can use Mimikatz very well. It integrates very well with other tools necessary for Red Team operations, like Mimikatz or Rubeus. You don’t have to upload the executable on the machine; it can run everything in memory. It has modules for all these tools I’ve mentioned.
Breach and Attack Simulation (BAS) software solutions are designed to help you identify and address vulnerabilities within your security posture. By simulating cyber-attacks in a controlled environment, BAS tools allow continuous assessment and validation of your security controls, ensuring they are operating effectively against evolving threats.
BAS software provides an automated and consistent method to simulate real-world attack scenarios in your network. These solutions enable continuous...
I use Cobalt Strike to emulate threat actor activities.
I use it a lot for independent research. I have a copy with me on my Kali box. There’s a good reason that it’s currently the best C2 in the market right now. It’s because of its versatility; you can modify it a lot and tamper with it. As a C2, it does its job extremely well. It can adapt to a lot of situations. You can write malleable C2 profiles in its own specific language named Aggressor Script, which is mostly used for threat emulation. Like, if you want to emulate a specific TTP, you write a specific C2 profile so that in your red team engagements, you can mimic an enemy adversary that you want to protect against. It uses a lot of industry-standard tools. For example, it can use Mimikatz very well. It integrates very well with other tools necessary for Red Team operations, like Mimikatz or Rubeus. You don’t have to upload the executable on the machine; it can run everything in memory. It has modules for all these tools I’ve mentioned.