Another awesome Cobalt Strike update is available. This update is a grab bag of changes with the main theme being your requests.

First, the spear phishing feature is more flexible. You may now authenticate to an SMTP server to send your phishes. Cobalt Strike now supports connecting to SSL-enabled SMTP servers too.

I’m commonly asked, “does Cobalt Strike export its reports as Word documents or just PDF?” In the past, the answer was PDF only. As of this update, you may now export Cobalt Strike reports as either PDF or MS Word documents. The fidelity between the two formats is amazing. For those of you who rely on Cobalt Strike’s reporting engine, you will be very happy with this update.

Finally, this update improves Cobalt Strike’s credential management capability. You may now import credentials during an engagement or right-click credential entries to delete them. Press Import from the View -> Credentials tab. This is another common feature request.

The full change log is available at http://www.advancedpentest.com/releasenotes.txt

Licensed Cobalt Strike users may get the latest version using the update program. If you’d like to try Cobalt Strike, request a 21-day trial at the website.