Monday, January 03, 2011

toolsmith: Armitage - Cyber Attack Management for Metasploit



Raphael Mudge's Armitage is the subject of January 2011's toolsmith in the ISSA Journal.
Armitage is a "cyber attack management" platform for Metasploit.
Depending on your background or the availability of commercial tools in your environment (Core, Canvas, etc.), your comfort with Metasploit likely varies
with the depth of your experience. Armitage1 is designed to help close some of the experience or comfort gaps, described by the developer as useful for “non-hackers”.
For use as a demonstration tool to elucidate vulnerabilities and their exploit to management or customers, Armitage is excellent.
Basic Armitage workflow (should be familiar to all pentesters):
Create a workspace, conduct or import scans, identify vulnerabilities, determine appropriate attacks, gain access, and further your presence in the environment.
I've always loved the premise of attack pivoting. Gain a foothold on one system, them jump off to another host or network. Armitage definitely supports such thinking. ;-)
Download Backtrack 4 R2, install Armitage, and see what you think. I enjoyed testing it for this article immensely; I believe you'll find it equally useful.
Download the article here.

Cheers.

del.icio.us | digg | Submit to Slashdot

Please support the Open Security Foundation (OSVDB)

1 comment:

Doug Burks said...

Russ,

Armitage is an excellent choice for this month's Toolsmith column! It's included in the new version of Security Onion [1], which should be available this week.

Regards,
Doug Burks
[1] - http://securityonion.blogspot.com