This blog post will cover the Cobalt Strike DLL stager's anatomy, design choices and highlight ways to reduce both log footprint and time-to-shellcode.
Anatomy of Cobalt Strike’s DLL Stager
Author: Maxime Thiebaut
Maxime Thiebaut is a SOC analyst in NVISO's Managed Detection & Response team and has worked on the SANS SEC699 course. Besides his coding capabilities, Maxime is looking to improve his reverse engineering skills.