Import IP List about armitage HOT 4 CLOSED

One option: consider incorporating it as a module into Metasploit. Armitage 
blindly works off of Metasploit's importing capabilities. If you get it 
accepted into the MSF tree and it's a useful thing for most cases, I'd be happy 
to investigate adding it to the right spot in the UI.

Perhaps a similar project to this already exists. I'm sure I'm not the first to 
imagine something like this, but here it goes:

What if we were to use valid, and normal network requests to perform "stealth" 
network scans?  Things like blindly sending null session authorization 
attempts, http, ftp, etc.  Just traffic that might not have been included in 
IDS rules.  Remember, we don't need to authenticate, authentication failures 
can serve as a "return ping" so to speak, though obviously even mass 
authentication failures would set off alarms, so perhaps even a "super stealth" 
scan would be useful in cases where it's expected that the client has effective 
log monitoring implemented.

Obviously, this could provide some false positives and wouldn't be the scan to 
use if a comprehensive list of network devices was desired, but that's not the 
point.  I find that it's very easy to get a client's attention if I'm sitting 
on their DC with admin access within minutes of booting up and plugging in on a 
pen test.  I know that Armitage will help me make this happen faster for me, 
but for the greatest effect, I don't want to make any unusual noise on the 
network unless absolutely required before I begin exhaustive scans.

Just an idea, and perhaps I should post this someplace outside your issue 
tracker so I can collect some comments/input advice.  Just curious to hear your 
input and interest for now.

So what you're planning to do is generate legitimate looking traffic and using 
the results of that generated traffic to tell if a host is up or not? That 
could work. I think the best place for it though is a Metasploit module. 
Armitage is just a dumb UI that adds a few collaboration features and tools to 
launch existing modules.

We can continue this discussion via email, Twitter, or your blog. I'm just 
closing this as it's not directly related to Armitage development.