March and April 2012, I worked with ~80 security professionals, in remote and local contexts, to break into systems protected by ~500 active defenders across several events. In this talk, I share my experiences from the 2012 Cyber Defense Competition season and use them to analyze Armitage as a red teaming platform. Collaboration, automation, and distribution are discussed as opportunities to coordinate, scale, and protect red efforts. This talk is not about individual features. It's an exploration of how red teams organize themselves, what does and doesn't work, how we work around our tools, and what we need next. Those interested in the future of collaborative hacking should attend this talk.
Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC based company that creates software for red teams. He created Armitage for Metasploit, the Sleep programming language, and the IRC client jIRCii. Previously, Raphael worked as a security researcher for the US Air Force, a penetration tester, and he even invented a grammar checker that was sold to Automattic. His work has appeared in Hakin9, USENIX ;login:, Dr. Dobb's Journal, on the cover of the Linux Journal, and the Fox sitcom Breaking In. Raphael regularly speaks on security topics and provides red team support to many cyber defense competitions.