Saturday, 6:30pm ended my 2013 red teaming season. I’ve participated in the Collegiate Cyber Defense Competition as a red team volunteer since 2008. I love these events primarily because of the opportunity I get to interact with the student teams and learn from my peers in this field. But, since 2011, I’ve also traveled to […]
CTA Type: Resource
Metasploit 4.6 – Now with less Open Source GUI
Last week, I received an email from Tod B. at Rapid7 stating that the next binary installer of Metasploit would ship without Armitage and msfgui. Metasploit 4.6 drops both programs. According to Tod, the Metasploit Framework repository on Github will also drop both projects in the near future. The reason given is that Rapid7 does […]
Read More… from Metasploit 4.6 – Now with less Open Source GUI
WRCCDC – A Red Team Member’s Perspective
Western Regional CCDC was pretty epic. Given the level of interest in red activity, I’d like to share what I can. So much happened, I couldn’t keep up with all of it. That said, here’s my attempt to document some of the red team fun from my perspective at Western Regional CCDC. * . . […]
Pivoting through SSH
This is a pretty quick tip, but still useful. When you SSH to a host, you may use the -D flag to setup “dynamic” application-level port forwarding. Basically, this flag makes your ssh client setup a SOCKS server on the port you specify: What you may not know, is that it’s possible to send your […]
Missing in Action: Armitage on Kali Linux
As you may know, the highly anticipated Kali Linux is now available. If you’ve fired it up, you may notice it’s missing a familiar tool. Armitage is not present. The Kali Linux team added an Armitage package to its repository today. To get it: apt-get install armitage Before you start Armitage, make sure the postgresql […]
HOWTO Integrate third-party tools with Cortana
One of the goals of Cortana is to give you the ability to integrate third-party tools and agents into Armitage and Cobalt Strike’s red team collaboration architecture. Last year, I was able to put the base language together, but the API had a major gap. There was no sanctioned way for Cortana bots to communicate […]
Read More… from HOWTO Integrate third-party tools with Cortana
Cobalt Strike Updates 03.06.13
Just in time for this weekend’s North East Collegiate Cyber Defense Competition event, I have a fresh update to Armitage and Cobalt Strike. Here’s the highlights: Beacon 1. Beacon now auto-dumps keystrokes every time it wakes up. I found it too cumbersome to issue a command each time I wanted keystrokes. 2. Beacon has a […]
Deprecation Notice: Metasploit source checkouts will NO LONGER update over SVN – Move to Git
The official home of the Metasploit Framework’s source code has been github for a while now. Ever since the move to Git, Rapid7 has operated a subversion server that allowed older Metasploit Framework environments to continue to receive updates. Soon this SVN server will shut down (it’s time). That’s what these messages are about: If […]
My Software Development Practices: The Joel Test
Joel Spolsky is one of my favorite writers on the topic of software development. He coined a 12-step Joel Test to determine if your company had sane development practices. A lot of these are very common sense, but I’d like to share a little about how I work and this seems a good way to […]
Read More… from My Software Development Practices: The Joel Test
Cobalt Strike Boxed Set comes to ShmooCon
It’s the middle of February, love is in the air, and… I’m busy preparing for my favorite hacker conference ShmooCon. This year, for the second year in a row, Strategic Cyber LLC is sponsoring ShmooCon. Last year, I had intended to launch Cobalt Strike. Except, it wasn’t called Cobalt Strike and someone else beat me […]