Armory : A Tool Meant to Take in a Lot of External & Discovery Data

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn’t meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools.

Additionally, it is meant to be easily extendable. Don’t see a module for your favorite tool? Write one up! Want to export data in just the right format for your reporting? Create a new report!

Also Read – Mad Metasploit : Metasploit Custom Modules, Plugins & Resource Script

Installation

First, set up some kind of virtual environment of your choice.

Clone the repo:

git clone https://github.com/depthsecurity/armory

Install the module:

python setup.py install

You will want to run armory at least once in order to create the default config directory: ~/.armory with the default settings.ini and settings for each of the modules.

Next edit settings.ini and modify the base_path option. This should point to the root path you are using for your current project.

You should change this with every project, so you will always be using a clean database. All files generated by modules will be created in here, as well as the sqlite3 database. By default it will be within the current directory-.

Usage

Usage is split into modules and reports.

Modules

Modules run tools, ingest output, and write it to the database. To see a list of available modules, type:

armory -lm

To see a list of module options, type:

armory -m -M

Reports

Reports are similar to modules, except they are meant to pull data from the database, and display it in a usable format. To view all of the available reports:

armory -lr

To view available report options:

armory -r -R

Interactive Shell

There is also an interactive shell which uses IPython as the base and will allow you to run commands or change database values. It can be launched with: armory-shell.

By default, the following will be available: Domain, BaseDomains, IPAddresses, CIDRs, Users, Creds, Vulns, Ports, Urls, ScopeCIDRs.

Download
R K

Share
Published by
R K
Tags: ArmorydatabaseDiscovery Data
6 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago