=============================================================================
Cobalt Strike v4.3 - Advanced Threat Tactics Software
=============================================================================
*** https://www.cobaltstrike.com ***
1. What is Cobalt Strike?
----------------------
Cobalt Strike is software for Adversary Simulations and Red Team Operations.
Adversary Simulations and Red Team Operations are security assessments that
replicate the tactics and techniques of an advanced adversary in a network.
While penetration tests focus on unpatched vulnerabilities and
misconfigurations, these assessments benefit security operations and incident
response.
Cobalt Strike gives you a post-exploitation agent and covert channels to
emulate a quiet long-term embedded actor in your customer's network.
Malleable C2 lets you change your network indicators to look like different
malware each time. These tools complement Cobalt Strike's solid social
engineering process, its robust collaboration capability, and unique reports
designed to aid blue team training.
2. Documentation
-------------
Documentation for Cobalt Strike is located on the Cobalt Strike website at:
https://www.cobaltstrike.com. Read the FAQ and the Manual for information
on how to use Cobalt Strike. Watching the free online training is highly
encouraged as well.
3. Install and Update
------------------
This package contains the launcher and supporting files to use the
Cobalt Strike product. Run the 'update' program to download the latest
version of the Cobalt Strike product. This step will also generate
an authorization file that allows Cobalt Strike to run.
Further information for each operating system is available at:
https://www.cobaltstrike.com/support
4. Legal
-----
Cobalt Strike (c) 2012-2020 Strategic Cyber LLC, a HelpSystems company
Cobalt Strike is proprietary software. You must purchase a license to use it
or use it for the granted trial period only. Use of Cobalt Strike constitutes
acceptance of the End User License Agreement at:
https://www.cobaltstrike.com/license
5. Support
-------
Email support@strategiccyber.com for help with this product.
6. Credits for third-party components
-------
Cobalt Strike makes use of code and/or content from the following sources:
Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) - (c) 2017 The MITRE Corporation. (This work is reproduced and distributed with the permission of The MITRE Corporation.)
https://attack.mitre.org/
Apache FOP - (c) 1999-2010 The Apache Software Foundation (Apache 2.0 License)
http://xmlgraphics.apache.org/fop/
Apache JAMES Mime4j - (c) 2004-2010 The Apache Software Foundation (Apache 2.0 License)
http://james.apache.org/mime4j/
Draggable Tabbed Pane - (c) Tom Martin (Creative Commons 3.0 Share-Alike [Attribution Required] License)
http://stackoverflow.com/questions/60269/how-to-implement-draggable-tab-using-java-swing
ipcalf - (c) 2012-2014 Nathan Vander Wilt (MIT License)
https://github.com/natevw/ipcalf
ISO C9x compliant stdint.h for Microsoft Visual Studio - (c) 2006-2013 Alexander Chemeris (BSD License)
https://github.com/chemeris/msinttypes/blob/master/stdint.h
JGraphX - (c) JGraph Ltd 2006-2012 (BSD License)
http://www.jgraphx.com/
jQuery - (c) The jQuery Foundation 2012 (MIT License)
http://www.jquery.com/
Jsign 1.3 - (c) Emmanuel Bourg (Apache 2.0 License)
http://ebourg.github.com/jsign
libssh2 - SSH2 library - (c) Sara Golemon et al. (BSD License)
https://github.com/libssh2/libssh2
LibTomCrypt - developed by Tom St Denis (Public Domain/WTFPL)
http://libtom.org/?page=index&newsitems=5&whatfile=crypt
Metasploit Framework - (c) Rapid7 Inc. 2012 (BSD License)
http://www.metasploit.com/
mbed TLS 2.14.1 - (c) 2018 ARM Limited (Apache 2.0 License)
https://tls.mbed.org/
Mimikatz 2.2 - (c) Benjamin 'gentilkiwi' Delpy (Creative Commons Attribution 4.0)
License: http://creativecommons.org/licenses/by/4.0/
http://blog.gentilkiwi.com/
Mono Icon Set - (c) Gentleface Inc. (Royalty Free License to Strategic Cyber LLC)
http://www.gentleface.com/free_icon_set.html
msfgui - (c) Matt Weeks 2010-2012 (BSD License)
http://www.metasploit.com/
NanoHTTPD - (c) 2001,2005-2012 J. Elonen and (c) 2010 K. Togias (Modified BSD License)
http://elonen.iki.fi/code/nanohttpd/
PowerShell Native API Functions - (c) 2012, Matt Graeber (BSD License)
http://www.exploit-monday.com/2012/05/accessing-native-windows-api-in.html
Reflective DLL Injection - (c) 2011, Stephen Fewer of Harmony Security (BSD License)
https://github.com/stephenfewer/ReflectiveDLLInjection
Sleep 2.1 - (c) 2002-2020 Raphael Mudge (BSD License)
http://sleep.dashnine.org
Synthetica Look and Feel - (c) Jyloo Software (Commercial License to Strategic Cyber LLC)
http://www.jyloo.com/synthetica/
tango-icon-theme-package - Tango Desktop Project (Public Domain)
http://tango.freedesktop.org/
TightVNC Java Viewer - (c) GlavSoft LLC (Commercial License to Strategic Cyber LLC)
http://www.tightvnc.com/
UACME - (c) UACME Project, hFiref0x (BSD License)
https://github.com/hfiref0x/UACME/
Unmanaged PowerShell - (c) 2015, Lee Christensen (BSD License)
https://github.com/leechristensen/UnmanagedPowerShell
user-agent-utils 1.13 - (c) 2008, Harald Walker (BSD License)
https://github.com/HaraldWalker/user-agent-utils
WinPcap - (c) 2005-2010 CACE Technologies (BSD License)
http://www.winpcap.org/
XMLmind XSL-FO Converter - (c) 2002-2012 Pixware SARL (Developer License to Strategic Cyber LLC)
http://www.xmlmind.com/foconverter/
Cobalt Strike distributes the following third-party programs for deployment as needed:
TightVNC 1.3.10 - (c) 2000-2009 TightVNC Group and others (GPLv2 License)
https://github.com/rsmudge/vncdll
7. Licenses for third-party components
--------
Cobalt Strike is a commercial work developed at private expense. The end
user license agreement for the Cobalt Strike package is described in part 4
of this readme file.
Below are copies of the licenses assigned to the various components used by
Cobalt Strike.
BSD License
-----------
Copyright (c) <YEAR>, <OWNER>
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Neither the name of the <ORGANIZATION> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Modified BSD License
--------------------
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
Redistributions of source cod
评论0