Browser Pivoting (Cobalt Strike 4.0)

Video originally published at: https://videos.cobaltstrike.net/browser-pivoting-cobalt-strike-4-0/




A Browser Pivot is a man-in-the-browser attack that hijacks a compromised user's authenticated web sessions. Cobalt Strike implements browser pivoting with a proxy server that injects into 32-bit and 64-bit Internet Explorer. When you browse through this proxy server, you inherit the user's cookies, authenticated HTTP sessions, and client SSL certificates. Browser Pivoting is a powerful way to demonstrate risk with a targeted attack.