Armitage tutorial: How to use Armitage for vulnerability assessments

Armitage tutorial: How to use Armitage for vulnerability assessments

Date: Jul 26, 2013

Enterprise endpoint diversity has exploded in recent years, with a wide variety of new machines and operating systems -- ranging from Macs, Windows and Linux desktops to iOS and Android mobile devices -- finding their way onto corporate networks. From a security perspective, a multitude of devices and OSes running on a network broadens the attack surface to an almost untenable point. Keeping an eye on and preventing the exploitation of these devices can be a challenge for any organization, especially those on tight budgets.

How can cash-strapped enterprises both get a better handle on the devices running on corporate networks and conduct thorough vulnerability assessments? They can use Armitage, the open source security tool for the Metasploit framework.

In this SearchSecurity screencast, Keith Barker, a Certified Information Systems Security Professional (CISSP) and trainer for CBT Nuggets LLC, guides viewers through an Armitage tutorial, from scanning approved enterprise networks to compromising machines with a variety of readily available attack methods via Metasploit.

With Armitage, enterprises can easily locate the machines running on a network, including the flavor and version of the OS running on each device. With that information, Armitage provides a thorough list of potentially successful attack methods for each OS version. Security pros can either run a specific attack method provided by Armitage to see if a machine will be compromised, or they can deploy a "Hail Mary" scenario, which essentially throws every attack method available at a device to determine which would be successful for an attacker. Armitage even provides the capability to take webcam shots and log keystrokes on victim machines, allowing a more thorough assessment of an organization's attack surface. With the free Armitage tool, performing vulnerability assessments and securing vulnerable machines has never been easier.

Editor's note: While this video discusses general strategies that could be used maliciously, the techniques demonstrated in the video are intended for defensive purposes only, and should not be employed for any other reason.

CBT Nuggets logo

About CBT Nuggets:
CBT Nuggets is a computer-based technology company specializing in cutting-edge online IT training. Founded in 1999 by current CEO Dan Charbonneau, CBT Nuggets provides quick, easy and affordable learning by renowned instructors for individuals, small teams and large organizations. CBT Nuggets also offers free videos on a variety of IT topics on the CBT Nuggets YouTube video channel.

About Keith Barker:
Keith Barker, CISSP, is a trainer for CBT Nuggets and has more than 27 years of IT experience. He is a double CCIE and has been named a Cisco Designated VIP. Keith is also the author of numerous Cisco Press books and articles.

More on Open Source Security Tools and Applications

  • canderson

    Enterprise strategies to enforce open source software security

    VIDEO - In this video, application security expert Michael Cobb discusses open source risks and how revised security policies can standardize development.
  • canderson

    How to use BlackStratus' LOG Storm, a free log management tool

    VIDEO - Keith Barker of CBT Nuggets demonstrates how to use LOG Storm, a free log management system from BlackStratus that organizes and prioritizes enterprise log data.
  • canderson

    How to use TripWire SecureScan, a free vulnerability scanning tool

    VIDEO - Video: Learn how to use TripWire SecureScan, the free vulnerability scanning tool that helps enterprises detect Heartbleed on networks and devices.
  • Take inventory of your open source software security

    Tip - Developers love reusing code, whether it’s an open source library or a code snippet copied from the Internet. This expert tip looks at the best ways to secure and monitor component-driven software.
  • Cost-effective Web application security testing

    Answer - Expert Michael Cobb discusses numerous open source and low-cost Web application security testing options for enterprises on a budget.
  • OpenAppID

    Definition - OpenAppID is an application-layer network security plugin for the open source intrusion detection system Snort.
  • Enterprise disk encryption options after the end of TrueCrypt

    Tip - The recent news that TrueCrypt is insecure and has been retired has left many enterprises struggling to decide which encryption technologies to trust. Expert Michael Cobb offers other enterprise encryption options.
  • TailsOS

    Definition - TailsOS is a LiveDistro-based operating system that is configured to run from removable storage and to leave no information stored on the computer after the user’s session. A LiveDistro is a distribution of an operating system on some bootable storage medium. The operating system and associated applications run from the storage device.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: