Episode 822 – Penetration Testing with Armitage for Metasploit

Raphael Mudge of FastAndEasyHacking.com joins Rob Fuller, aka Mubix, to talk about his project Armitage; a cross-platform GUI front-end for Rapid7’s Metasploit. Mudge demonstrate setting up the software, scanning for targets, attacking hosts with client side attacks or remote exploits, and finally pivoting throughout the network using pass-the-hash techniques. Time to grab some paper, pencil and an unsuspecting virtual machine!

Download HD Download MP4 Download WMV

Keep up with the latest on Hak5 by follow us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally if you’d like to suggest a topic
for ask a question feel free to hit up [email protected].


  • AJ

    So I found this article on this website (http://j.mp/fTqBBo) … They didn’t credit your even link the original article for the post. I have seen a few Hak5 articles there.

    Anyways keep putting out quality material. Anyone from Hak5 going to be at shmoocon?

  • SortMySystem

    couldn’t get armitage to connect, metasploit works as does its gui but on windows xp sp3 it fails authentication(jre r23)(says using postgres then says can’t connect, check its running…). shame looks great and would be well useful esp. for client demos. i’ll try again on a clean virtual not running apache/mysql…

    interesting episode (as always)

    btw check out content aware fills in cs5 😀

  • Dave L

    Did you guys switch to a lower bandwidth host provider? My broadband connection is screaming fast 20mbps down and 12mbps up, but the download and streaming from your site is way slower than it use to be, such as a 23 minute download of last weeks episode in which I use to get your downloads in less than 5 minutes =(

  • Cristian

    I have a question…it’s not i would want to hack google or anything… but lets say that you use the 0day exploit on the wan , so the google bot when he will hit your 0day page it will get exploited or something is it possible? a made a test some time ago with some kind of php script that crashes your browser not only ie but firefox and chrome too … so i put on my host 3 pages: 1.php(the crash script) 2.php(blabla) 3.php(blablabla) every page logs the ip adress of the person who connects to it…i waited and after a few months ive got the ip of tthe google bot in the logs of 1.php but not in 2.php and 3.php i think that it really crashed…

  • Zc

    SortMySystem – I had the same problem, you need to install metasploit first, update it and then run it before you extract your armitage files into the framework directory.


  • jackshack

    what happend to the whiteboard, or are we to lazy these days come on.. i lUve your shows but meta is a good thing, but making it like a video game is SHIT. sorry.. now red now hacked common, lets get real… do we thinlk with our own minds or do we play video gaming with automatic hacking.. ?!? why just not make all the smart people hand over the script kiddies the best things , and we sitt and look another movie…i bet u will be a bigger movie the kevin’s…… no im, not enligsh no US, whatever, your work is good, somethinges its flips tought. keep it going… i enjoy it anyway… sorry for spelling, but im on high speed typing… nighthawk honda RulEz !!! southeast asia !!!!

  • Lourival

    About the security answer … if you chose any question …
    I always have one answer that has no meaning with the question …

    What is you firts school name ?

    the answer is: I do not like grape

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>