Armitage – Cyber Attack Management & GUI For Metasploit

The New Acunetix V12 Engine


Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.

Armitage organizes Metasploit’s capabilities around the hacking process. There are features for discovery, access, post-exploitation, and maneuver.

For discovery, Armitage exposes several of Metasploit’s host management features. You can import hosts and launch scans to populate a database of targets. Armitage also visualizes the database of targets–you’ll always know which hosts you’re working with and where you have sessions.

Armitage assists with remote exploitation–providing features to automatically recommend exploits and even run active checks so you know which exploits will work. If these options fail, you can use the Hail Mary approach and unleash db_autopwn against your target database.

For those of you who are hacking post-2003, Armitage exposes the client-side features of Metasploit. You can launch browser exploits, generate malicious files, and create Meterpreter executables.

Once you’re in, Armitage provides several post-exploitation tools built on the capabilities of the Meterpreter agent. With the click of a menu you will escalate your privileges, dump password hashes to a local credentials database, browse the file system like your local, and launch command shells.

Finally, Armitage aids the process of setting up pivots, a capability that lets you use compromised hosts as a platform for attacking other hosts and further investigating the target network. Armitage also exposes Metasploit’s SOCKS proxy module which allows external tools to take advantage of these pivots. With these tools, you can further explore and maneuver through the network.

If you want to learn more about Metasploit there are also some great resources here:

Learn to use Metasploit – Tutorials, Docs & Videos

Requirements

To use Armitage, you need the following:

  • Linux or Windows
  • Java 1.6+
  • Metasploit Framework 3.5+
  • A configured database. Make sure you know the username, password, and host.

Armitage Changelog

You can download Armitage here:

Windows – armitage112510.zip
Linux – armitage112510.tgz

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools

, ,


Latest Posts:


Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.


4 Responses to Armitage – Cyber Attack Management & GUI For Metasploit

  1. Fabri December 1, 2010 at 2:06 pm #

    if you use BackTrack 4 R2 you can just type ‘apt-get install armitage’

    for more info view this: http://www.offensive-security.com/backtrack/armitage-in-backtrack-4-r2/
    (hoping I could insert this link)

    • Darknet December 1, 2010 at 4:44 pm #

      No probs Fabri, thanks for the info.

  2. will61 January 16, 2011 at 5:21 am #

    Armitage organizes Metasploit

  3. pwnsauce January 25, 2011 at 10:21 am #

    I am of the opinion that Armitage moreso gives a better GUI frontend for it, basically leverages the directory structure of MetaSploit.

    I found on my laptop it is slow as hell, but thats a hardware issue. I also found that when I updated MSF last night I noticed ‘Armitage’ as part of the downloads…

    By the way, I always wondered. Is db_autopwn good for anything besides triggering every IDS this side of China? It strikes me as similar to using a shotgun where a sniper rifle is needed… Though I had some luck when coupled with Nessus, NeXpose and nmap scans… What is truly needed is a database manager that matches the Nessus, nmap, NeXpose, etc. results together by port/vuln/service and then can match them to appropriate exploits and payloads. Perhaps then db_autopwn will work well…

    (me and some colleagues now use db_autopwn as a joke, say if someone manages to pointlessly insult everyone in the room, it is them using db_autopwn!)

    Also, anyone got a link to help me setup a MySQL database for MSF on a BackBox Linux box? it is Ubuntu 10.04LTS based.