Pieter Ceelen
@ptrpieter
Red teamer @ Outflank, product owner Cobalt Strike/Outflank Security Tooling
Cobalt Strike 4.11 is out now! This release introduces a novel Sleepmask, a novel process injection technique, a new prepend reflective loader with new evasive options, asynchronous BOFs, DNS over HTTPS and more! cobaltstrike.com/blog/cobalt-st…
I’m very happy with the technical session earlier today. Content ranged from first-time CS use to advanced customisation, and then a sneak peek into 4.11!
Tomorrow: Don't miss a live technical tour of #cobalt strike with your expert guides, @ptrpieter and @0xTriboulet! Register now to see what our research team has brewing! #notliterally #cobaltstrikeguy #Cheers register.gotowebinar.com/register/14349…
Join us March 12 for a live technical walkthrough of #cobaltstrike's flexible framework and advanced post-exploitation techniques! Register now to see what our research team has cooking! #notliterally #cobaltstrikeguy register.gotowebinar.com/register/14349…
Virtual fortresses aren’t as invincible as they seem 🏰⚔️. Read about our latest research on using Secure Enclaves in Windows for offensive ops — plus fresh insights for red teamers. Check out Part 1 of our blog series here: outflank.nl/blog/2025/02/0…
Planning on tinkering with #offensivesecurity over the holidays? After all, 'tis the season to get ahead of #cyberattacks! In this short demo of the #CobaltStrike mutator kit we show how easy it is to generate LLVM randomized sleepmasks and #BOFs> linoma.wistia.com/medias/ncw3ov9…
Cobalt Strike 4.10.1 is live--this out of band release addresses issues in 4.10 and provides an update to the Mutator Kit. Get more details in the blog: cobaltstrike.com/blog/out-of-ba…
Tomorrow I’ll be around with some teammates from Cobalt Strike and Outflank just across from the Black Hat London venue. Feel free to drop by, grab a drink and discuss red teaming, offensive research, our products and have some fun
Attending Black Hat Europe? Discuss your #offsec strategy with Fortra's #redteaming experts over a drink and explore the latest in our #redteam tools, Cobalt Strike and Outflank OST. And while you're there, grab some exclusive merch! @BlackHatEvents #BHEU #BlackHat
Cobalt Strike news: I am honoured to be part of the team!
New blog: Get details on recent changes, upcoming plans for #CobaltStrike R&D, and our strategy for increased communication. cobaltstrike.com/blog/cobalt-st…
Used ROADtune in a red team engagement and got customer eyes rolling on stuff we managed to do 👀 🔥
We worked with @_dirkjan to get this as an exclusive into Outflank Security Tooling with a new tool called ROADtune. ROADtune allows red teamers to:
- bypass CAP by faking device compliance registration
- loot secrets from applications pushed to compliant devices
Cool stuff!
Outflank’s @kyleavery_ will be presenting at Black Hat Business Hall at 1:30pm tomorrow, August 7th! He’ll be discussing strategies for running evasive red team engagements across Windows, macOS, and Linux #BHUSA
Great fun @XOffensive21584 @vysecurity @EmericNasi. Try to find the @KlezVirus!

Outflank's own @ptrpieter will be at @XOffensive21584 in Athens! Check out his session on June 21st at 11:00am, where he'll be giving the TL;DR on lessons learned from threat-led digital #redteaming
Excellent blog from @kyleavery_ on macOS/Linux EDR internals. There are still unanswered questions, so likely more R&D to follow 🧐
It's not *always* about Windows--macOS and Linux #EDRs need attention, too! In our latest blog, @kyleavery_ explains more about the telemetry sources for these under-discussed #endpoint products> outflank.nl/blog/2024/06/0…
Initial access to the max! We just released a new OST tool, using our research and full weaponisation of an obscure file format. This file format allows shellcode loading with just a double click and is under less MotW scrutiny than most other popular initial access vectors. 💪
The PowerShell mafia is back! We are giving a Tech Deep Dive session right now where we look at new OST tools to leverage PowerShell for local and remote code execution. PowerShell is not dead for red teams! Available for #OST customers. More info at outflank.nl/ost
Today, we're disclosing an overlooked, wide-impact bug/attack vector affecting the Windows/COM ecosystem, dubbed #MonikerLink. In Outlook, the bug's impact is far and wide: from leaking NTLM creds to RCE. The same issue may exist in other software, too. research.checkpoint.com/2024/the-risks…
Sometimes, public tools don't work exactly how you'd like... Check out our latest post on patching .NET functions from an unmanaged CLR host, to massage managed code at runtime. 🩹 A writeup and POC from @kyleavery_ are now available 👉 outflank.nl/blog/2024/02/0…