Description

Before sending an exploit to a target, it helps to dress it up. Cobalt Strike's website clone tool can help with this. The website clone tool makes a local copy of a website with some code added to fix links and images so they work as expected.

It's possible to embed an attack into a cloned site.

Attack

Clone URL Full URL of the website to be cloned Local URI Write the URL of your attack in the Embed field and Cobalt Strike will add it to the cloned site with an IFRAME. Local host Cobalt Strike's server Local port Beacon-HTTP's port Attack Click the ... button to select one of the running client-side exploits. Log keystrokes Cloned websites can also capture keystrokes. Check the Log keystrokes on cloned site box. This will insert a JavaScript key logger into the cloned site.

To view logged keystrokes or see visitors to your cloned site, go to View -> Web Log.