Cortana: Rise of the Automated Red Team

DEF CON 20

Presented by: Raphael Mudge
Date: Friday July 27, 2012
Time: 12:00 - 12:50
Location: Track 5 / Penn & Teller

Do you ever wish that you could clone yourself during a penetration test?

Meet Cortana, a new scripting language to automate Metasploit and extend Armitage. Cortana is a penetration tester's scripting language inspired by scriptable IRC clients and bots. Its purpose is two-fold. You may create long running bots that simulate virtual red team members, hacking side-by-side with you. You may also use it to extend the Armitage GUI for Metasploit. To prevent self-aware bots from taking over the world, Cortana has blanket safety features to provide positive control when enabled. This talk will introduce Cortana, the automation gap it fills, and its capabilities to you. You will see several demonstrations of Cortana in action and get a flavor of what's now possible. Cortana was developed through DARPA's Cyber Fast Track program.

Raphael Mudge

Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC based company that creates software for red teams. He created Armitage for Metasploit, the Sleep programming language, and the IRC client jIRCii. Previously, Raphael worked as a security researcher for the US Air Force, a penetration tester, and he even invented a grammar checker that was sold to Automattic. His work has appeared in Hakin9, USENIX ;login:, Dr. Dobb's Journal, on the cover of the Linux Journal, and the Fox sitcom Breaking In. Raphael regularly speaks on security topics and provides red team support to many cyber defense competitions. Twitter: @armitagehacker http://www.fastandeasyhacking.com/


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats