Cobalt Strike called "Beacon". In a conversation with The Hacker News Raphael said "A big gap in the penetration tester's toolbox are covert command and control options, especially for long engagements. Beacon is a new feature in Cobalt Strike to remedy this problem." Raphael Mudge (Creator of Cobalt Strike announced Another Advance Payload forcalled "". In a conversation withRaphael said "."

Cobalt Strikes's graphical user interface offers direct control of the 700+ exploits and advanced features in the open source Metasploit Framework. Beacon is a Cobalt Strike payload for long-term asynchronous command and control of compromised hosts. It works like other Metasploit Framework payloads. You may embed it into an executable, add it to a document, or deliver it with a client-side exploit.





Beacon downloads tasks using HTTP requests. You may configure Beacon to connect to multiple domains. For extra stealth, Beacon may use DNS requests to check if a task is available. This limits the communications between the penetration tester and the target network.





Beacon is a critical tool for penetration testers who must mimic the threats their clients face today.





Beacon's features include

* Check task availability using HTTP or DNS

* Beacon to multiple domains (who cares if that first one is blocked)

* Capable of automatic migration immediately after staging

* Tight integration with Cobalt Strike. Deliver beacon with social engineering packages, client-side exploits, and session passing

* Intuitive console to manage and task multiple beacons at once

Cobalt Strike treats a Beacon session different from a Meterpreter session. Hosts infected with Beacon will not turn red with lightning bolts indicating access.





The Beacon console allows you to see which tasks were issued to a Beacon and to see when it downloads them. You may issue tasks through the Beacon console as well. Beacon's shell command will send a task to execute a command on the compromised host. When the command completes, Beacon will present the output to you.





Complete Documentation on Beacon usage is available here.