Armitage is Metasploit’s GUI and although you can find instructions on installing this on Kali Linux, for me, it was no more difficult than running an Metasploit update (msfupdate) and requesting armitage in the Terminal.
A pop-up box appeared with: Host 127.0.0.1 – Port 55553 – User msf – Pass test and I selected “connect”. Another pop-up box entitled “Start Metasploit” with “A Metasploit RPC server is not running or not accepting connects yet. Would you like me to start Metasploit’s RPC server for you?” and I selected “yes”.
Once opened I selected Hosts >> Add hosts and gave the pop-up box the IP of my Ununtu system running Security Onion. Once the computer screen with IP address image appeared in the “Target” panel, I simply right-clicked and selected scan.
I must admit, having spent the last six months in the Command Prompt this was a joy.
I checked out the Security Onion IDS and was surprised to note this was not detected by Snorby; however, it was in Sguil as represented by the Squert output:
Note the Yellow coloured bar indicates “reconnaissance” which of course this scan is.
I have a sneaking suspicion that Amitage is going to be very good fun indeed. 