The Complete Guide to Hunting Cobalt Strike - Part 3: Automated C2 Infrastructure Discovery
ID: a6355794-1067-5220-90ba-fdb4d9034d99
STIX ID: report--a6355794-1067-5220-90ba-fdb4d9034d99
Feed Name: Hunt.io Blog
Hunt.io demonstrates automated detection and pivoting to uncover large-scale, persistent Cobalt Strike C2 infrastructure—reporting thousands of detections and detailed pivots (mail.live.com certificate CNs, an X.509 hash, and a Redacted Headers SHA256) with example HuntSQL queries, IOC listings (multiple IPs/ASNs), and practical mitigation guidance for network and endpoint defenses.
