Armitage Documentation

Advanced Threat Tactics with Armitage and Metasploit at LASCON 2011

Abstract

Metasploit is a powerful exploit framework and a must-have tool for penetration testers. Armitage builds a workflow on top of the Metasploit framework and exposes its most advanced capabilities. This demonstration and lab oriented session will teach you Metasploit and Armitage for the purpose of emulating adversary tactics. This course will start with the basics and quickly take you into the workflow of modern threats.

You'll learn how to:

  • Choose the right remote exploit (when applicable)
  • Spy on a user
  • Create trojan files
  • Manage covert HTTP and HTTPS communications
  • Launch social engineering attacks
  • Use pivoting and pass the hash to take over a network.

This course expands on the Armitage and Metasploit training course with extra depth on how to integrate Metasploit with other tools and execute social engineering attacks.

Prerequisites

To participate in the labs, you must have VMWare Player, VMWare Fusion, or VMWare Workstation installed. Your laptop should be capable of connecting to a wireless network as well.

You should be familiar with how to work on the command line in either Linux or Windows. This course does not assume familiarity with Metasploit.

Labs

This is a hands-on course. The instructor will provide virtual machines for you to practice on and several targets will be available over a wireless network as well.

How to Register

  1. Sign up for the LASCON 2011 Conference on 28 Oct 11
  2. In the Agenda tab, check Advanced Threat Tactics with Armitage and Metasploit for 27 Oct 11

Logistics

  • Where? Norris Conference Center. Austin, TX
  • When? 27 Oct 11 (class), 28 Oct 11 (LASCON conference)
  • How long? ~8 hours (9am-5pm)
  • Cost? $250 for the class, up to $225 for the conference

Your Instructor

This class will be taught by Raphael Mudge, a little about him:

Raphael Mudge is a Washington, DC, based code hacker working on a new startup effort. He is the developer of the open source Armitage for Metasploit. Raphael regularly writes and speaks on security topics. His work has appeared in USENIX ;login:, Linux Journal, and Hakin9. Previously, Raphael worked as a security researcher, software engineer, penetration tester, and system administrator.

Questions?

Send an email to contact at fastandeasyhacking dot com. I'll gladly answer any questions you have about this course.