What’s New in CORE IMPACT Pro v10 - December 2009
CORE IMPACT v10 Pro extends the industry’s most comprehensive, commercial-grade penetration testing software with new capabilities for assessing wireless networks against real-world data breach threats. Fully integrated with the product’s established network, web application and client-side testing capabilities, the new wireless penetration testing capabilities allow IT security managers to identify at-risk wireless networks, crack encryption, and trace attack paths from initial points of wireless exposure to backend resources housing critical assets -- gaining actionable data at each step for efficient and effective risk mitigation.
In addition to offering newfound visibility into wireless risks, the release expands the breadth and depth of the product’s proven web application, network and client-side penetration testing vectors. For instance, IT security managers using CORE IMPACT can now help organizations assess their exposure to six of the OWASP Top Ten web application security risks, quickly measure vulnerability criticality by pinpointing sensitive data on at-risk file systems, and test end-user awareness and endpoint security with new types of Trojan and phishing attacks.
CORE IMPACT Pro v10 also offers new enterprise capabilities for accessing and sharing penetration testing data. For example, new trend reporting capabilities can be used to compare results from multiple penetration tests, and new dashboard capabilities present local usage data and compare local results against statistics compiled from the broader CORE IMPACT Pro community.
New features in CORE IMPACT Pro v10 include:
- New Integrated Wireless Penetration Testing Capabilities
- OWASP Top 10 Additions to Web Application Testing Capabilities
- A4 Insecure Direct Object References + A7 Failure to Restrict URL Access
- A6 Security Misconfiguration
- A10 Insufficient Transport Layer Protection
- Expansion of Breadth and Depth in Existing Web App Testing Capabilities
- Usage Statistics and Customer Community Data Aggregation
- New and Improved Reports
- New Pre-Exploitation Capabilities
- New Post-Exploitation Capabilities
- Client-Side Penetration Testing Updates
- IMPACT Agent Updates
- Microsoft Windows 7 Support
New Integrated Wireless Penetration Testing Capabilities
Core Security Technologies is committed to empowering our customers to assess their security posture across the broadest range of possible attack vectors, using testing techniques that mirror the approaches used by actual attackers. We are therefore pleased to announce the addition of extensive Wi-Fi attack capabilities to CORE IMPACT Pro’s existing web application, network and client-side penetration testing vectors.
- Wi-Fi Discovery and Information Gathering
Many organizations have policies against unauthorized Wi-Fi networks. IMPACT Pro’s discovery capabilities allow users to identify both authorized networks and unauthorized points of access. It then profiles any networks discovered by analyzing signal and packet data to measure network strength, determine security protocols, and identify devices interacting with the involved network.
- Wi-Fi Attack and Penetration
CORE IMPACT Pro determines keys by taking advantage of known vulnerabilities in WEP-secured networks. The solution also assesses networks secured by WPA and WPA2 (using a Pre-Shared Key) via dictionary attacks that leverage information from sniffed authentication attempts.
- Pivoting from Wireless Testing to Network, Web Application and Client-Side Testing
Only CORE IMPACT Pro offers true multistaged penetration testing capabilities, allowing users to replicate attacks that can occur after the initial Wi-Fi network compromise. By integrating wireless assessments with web application, network and endpoint testing, CORE IMPACT reveals and documents paths of exposure to sensitive data residing on backend systems.
- Wireless Penetration Testing Reports
CORE IMPACT Pro generates reports of wireless networks discovered, client-to-access point relationships, and access point profile information. Reports also include information about which networks were tested against attacks, which were successfully compromised, and which weaknesses allowed the compromise.
Wireless Penetration Testing with CORE IMPACT Pro requires the use of an AirPcap TX Wireless Packet Capture Adapter from CACE Technologies. A discount is available for CORE IMPACT customers.
OWASP Top 10 Additions to Web Application Testing Capabilities
In IMPACT Pro v10, web application penetration testing continues to expand significantly, now helping organizations to test their websites for six of the top ten web application risks as ranked by the widely respected Open Web Application Security Project (OWASP). OWASP vulnerabilities newly addressed by IMPACT Pro include:
A4 Insecure Direct Object References + A7 Failure to Restrict URL Access
- Hidden Pages Identification
Web applications sometimes have unlinked administration and configuration pages that are “hidden,” requiring access via explicit URLs. IMPACT Pro now checks for hidden pages in addition to crawling websites for pages to be targeted with the solution’s web application exploitation capabilities.
- Backup / Old Pages Identification
As web applications are updated over time, old versions and backups of pages are often left behind on the server. These old pages can contain vulnerabilities or disclose valuable information about the web application. IMPACT Pro now crawls for variations of live pages to be targeted with web application tests.
- Retrieve and Follow Robots.txt Files
Robots.txt files contain URLs that the web application owner wishes to be ignored by automated web crawling robots, such as those used by search engines. IMPACT can now discover, read and crawl the contents of Robots.txt files to search for administration pages and other sensitive URLs.
A6 Security Misconfiguration
A truly secure web application depends on having a secure configuration defined for the application, framework, web server, application server, and platform. Only IMPACT Pro’s multi-vector penetration testing capabilities allow you to test not only the web application but also the underlying server and its environment.
A10 Insufficient Transport Layer Protection
- SSL Strength Module
CORE IMPACT Pro’s new SSL Strength Module allows testers to flag weak levels of encryption in HTTPS-secured sites.
The new modules build on IMPACT Pro’s preexisting assessment capabilities for the top two OWASP Top Ten vulnerabilities: A1 Injection Flaws and A2 Cross-Site Scripting (XSS).
Expansion of Breadth and Depth in Existing Web App Testing Capabilities
CORE IMPACT continues to extend its proven web application testing capabilities to reflect the techniques employed by today’s sophisticated cybercriminals throughout all stages of attack.
- New Capabilities for Testing POST-based Cross-Site Scripting Vulnerabilities
IMPACT Pro now identifies and confirms the exploitability of both GET- and POST-based Cross-Site Scripting vulnerabilities.
- Information Gathering Queuing for Cross-Site Scripting Tests
Since the window of opportunity for gathering information about systems compromised by XSS attacks can be brief, IMPACT now allows testers to queue information gathering modules to run automatically once a system is compromised during a test.
- New Post-Exploitation Capabilities for PostgreSQL Databases Compromised During SQL Injection Tests
Once IMPACT compromises a PostgreSQL database via SQL Injection, users can deploy an IMPACT agent on the compromised database server and take the same post-exploitation actions an attacker would, including pinpointing sensitive data and using the server as a beachhead from which to launch additional penetration tests against the backend network.
Usage Statistics and Customer Community Data Aggregation
With IMPACT v9, released in June 2009, customers had the option to contribute anonymous statistics to a Customer Community Data Aggregation program. These statistics included usage frequency, tested environments, and the success rate of exploits and other testing modules. IMPACT v10 enables all users to view their own statistics in the product’s dashboard, plus customers opting into the aggregation program can view overall statistics for the community.
In addition to assisting customers in making informed decisions about courses of action for future tests, the aggregated community statistics help Core Security to better tailor the product for our customers.
- Local Statistics Dashboard Reporting
All customers can now view local usage statistics in the product dashboard, including:
- Number of hosts found
- Top three operating systems found
- Top three:
- TCP Ports
- TCP Services
- UDP Ports
- UDP Services
- Number of successful exploits
- Top three successful exploits
- Number of web pages assessed
- Customer Community Data Aggregation
Customers opting into the Data Aggregation program can also see anonymous, compiled usage statistics from the Core Community. No data about participants' environments -- including IP addresses and other identifiable information -- is shared; all transmitted data is encrypted; and users can view data before it is submitted.
New and Improved Reports
CORE IMPACT’s commercial-grade reports help security professionals to distill test results into actionable data for informed and efficient remediation, while tracking the effectiveness of vulnerability management efforts over time for compliance and auditing purposes. Reporting additions in the new release include:
- New Trend Report
With the new Trend Report, IMPACT Pro users can track data from up to 52 penetration tests over time, graphically representing changes in an organization’s security posture as exploitable vulnerabilities are identified, remediated and re-tested.
- Other Reporting Enhancements:
- Improved Attack Path Reports to depict how chains of exploitable vulnerabilities create paths to backend systems.
- Updated and Improved Delta Reports to compare and contrast results from specific testing sessions.
- New Activity Report by Host to detail specific testing activities conducted on individual target systems.
New Pre-Exploitation Capabilities
- Dictionary Attack
An exploitable vulnerability is not the only way an attacker can gain access to target systems. Empty or easily guessable passwords can also provide a path of attack. Recognizing this, IMPACT Pro v10 includes Dictionary Attack capabilities that attempt to gain access to exposed SSH, FTP and SMB services.
- Cisco IOS Attack
Switches and routers are the backbone of a network. IMPACT Pro will attempt to retrieve the configuration information from these devices through a vulnerability and attempt to decrypt any password information contained in the file.
New Post-Exploitation Capabilities
CORE IMPACT Pro allows customers to measure the true risk presented by exploited vulnerabilities, empowering them to replicate actions taken by an attacker after the initial compromise. Testers can also evaluate the effectiveness of applications designed to monitor and protect the internal network from a breach. New post-exploitation capabilities in IMPACT Pro v10 include:
- Remote Desktop Access
CORE IMPACT Pro v10 extends the product’s post-exploitation capabilities to full remote access using VNC. IMPACT Pro can now deploy or enable VNC on compromised systems, giving the tester full remote control of the system’s GUI. IMPACT can also create usernames and set passwords if the target system requires an account for GUI access. All actions taken on compromised systems are recorded.
- Identify Sensitive Data Module for File Systems
Building on IMPACT Pro’s existing Get Sensitive Data module for databases, this new post-exploitation capability uses pattern recognition to identify sensitive data in compromised file systems. IMPACT can identify credit card numbers, social security numbers and email addresses by default, and users can also define search criteria appropriate for their organizations. Obfuscation capabilities are also available to prevent exposing specific data during testing.
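As an added illustration (not CORE IMPACT's own code) of what a file-system sensitive-data module does: regex detectors for card numbers, social security numbers and email addresses, a Luhn check to cut false positives on random digit runs, a hook for organization-specific patterns, and masking so the report itself never carries the full value. The sample text and the `extra` pattern used in the usage are constructed for this example.

```python
# Scan text (or a directory tree) for sensitive data; report matches masked.
import re
from pathlib import Path

# Built-in detectors, label -> regex. Card digits may be space- or
# hyphen-separated; SSN uses the common ddd-dd-dddd form.
BUILTIN = {
    "card": r"\b(?:\d[ -]?){13,16}\b",
    "ssn": r"\b\d{3}-\d{2}-\d{4}\b",
    "email": r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b",
}

def luhn_ok(digits):
    # Luhn checksum: weeds out digit runs that merely look like card numbers.
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan(text, extra=None):
    # Return (label, masked value) per hit; `extra` maps a custom label to a
    # regex so an organization can add its own identifier formats.
    findings = []
    for label, pattern in {**BUILTIN, **(extra or {})}.items():
        for m in re.finditer(pattern, text):
            hit = m.group()
            if label == "card":
                hit = re.sub(r"\D", "", hit)
                if not (13 <= len(hit) <= 16 and luhn_ok(hit)):
                    continue  # fails Luhn: not a real card number
            if label == "email":
                local, _, domain = hit.partition("@")
                findings.append((label, local[0] + "***@" + domain))
            else:  # obfuscate: keep only the last four characters
                findings.append((label, "*" * (len(hit) - 4) + hit[-4:]))
    return findings

def scan_tree(root, extra=None):
    # Walk a directory; map each file that has hits to its masked findings.
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            hits = scan(path.read_text(errors="ignore"), extra)
            if hits:
                report[str(path)] = hits
    return report

# Constructed sample content (not from the original page).
SAMPLE = """card: 4111 1111 1111 1111 ; backup card 1234 5678 9012 3456
ssn: 123-45-6789
contact: alice@example.com
"""
```

Calling `scan(SAMPLE)` reports the Luhn-valid card, the SSN and the email address in masked form and silently drops the second digit run, which fails the checksum.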
- Audit Log Cleaner
If an organization does not detect a breach, forensics staff must be able to investigate the compromised systems and determine the attacker’s post-breach actions. Important sources of data during forensics investigations are the event and audit logs maintained by each system. An attacker will typically attempt to clear these logs in order to cover their trail. IMPACT Pro allows the tester to perform the same action, thus enabling an organization to truly replicate an attack and assess their ability to investigate and report correctly on data incidents.
- Module Autorun
The new Module Autorun capability enables penetration testers to queue local information gathering modules, privilege escalation exploits, and other modules to execute automatically once a system is successfully compromised by CORE IMPACT. Users can now create macros and flag them as “autorunable,” making this capability truly flexible.
- Integration of Core Security’s Pass the Hash and Who is There Solutions
CORE IMPACT is now fully integrated with the company’s Pass the Hash and Who is There open source solutions, allowing IMPACT to impersonate user accounts currently logged into a target system and access other systems using those credentials.
Client-Side Penetration Testing Updates
End users continue to represent the weakest link in information security for many organizations. CORE IMPACT Pro v10 enables security professionals to assess both end-user awareness and the resiliency of endpoint systems, adding the following enhancements to its unmatched client-side testing capabilities:
- Security Awareness Tests – Phishing Without Exploitation
CORE IMPACT Pro users can now assess security awareness among email users without attempting to compromise their systems. The new capability tracks and reports on clicks by recipients of IMPACT-generated phishing emails without testing for vulnerabilities.
- Ability to Embed IMPACT Agents into PDF Files
Building on IMPACT Pro’s existing capability to embed IMPACT Agents into MS Office documents for social engineering tests, the product can now embed Agents into PDF files. End users need only open the PDF for exploits to run, and a vulnerable version of a PDF reader is not required.
- Ability to Embed IMPACT Agents into Existing Executables
This new capability can be used to create attachments for phishing tests using any executable (such as a game), as well as to infect startup executables on systems compromised during network penetration testing.
- Automatic Use of Endpoint Application Exploits
To speed client-side penetration testing, CORE IMPACT users can now choose to have the product automatically launch only the most current – and therefore most likely to be effective – exploit for a target application.
- Use of Small URLs in Phishing Templates
The use of small URLs in IMPACT’s phishing templates helps test emails avoid spam filters and masks destination URLs from email recipients.
- Client-Side Information Gathering via Web Bugs in Microsoft Word
Building on the product’s existing email-based information gathering module, CORE IMPACT now allows users to insert web bugs into Word documents sent as attachments during Client-Side Penetration Testing. When the Word document is opened by an email recipient, the web bug connects back to CORE IMPACT and transmits information about the endpoint system and its outbound connectivity.
IMPACT Agent Updates
IMPACT Agents are deployed into the memory space of systems compromised during testing, allowing security professionals to replicate an attacker’s post-breach actions and assess the implications of exploited vulnerabilities. Agent enhancements in IMPACT Pro v10 include:
- Addition of HTTPS as a Communication Channel
In addition to HTTP, IMPACT Agents deployed by Client-Side exploits can now use HTTPS to communicate back to the IMPACT console. Because HTTPS is a common protocol, IMPACT tests are more likely to evade detection by IPS and IDS systems. By definition, HTTPS packets are also encrypted, making them resistant to inspection.
- Persistent Agent Support for “Connect-From” Communication
IMPACT Pro’s Persistent Agent allows penetration testers to re-establish communications with a compromised system if the system or the IMPACT console is restarted. The addition of Connect-From increases the ability of the Agent to connect back to the IMPACT console without interruption from firewalls and other barriers.
- Install Agent via SQL Interface
If a database has an exposed listening port on an identified network, IMPACT Pro can now leverage that interface to take OS control of the database server.
Microsoft Windows 7 Support
- Windows 7 Installation Platform
CORE IMPACT Pro v10 can be installed on 32-bit versions of Windows 7 Pro and Ultimate.
- Windows 7 Exploits
Core Security remains committed to keeping our commercial-grade exploits updated and relevant to current attack techniques and targets, including Windows 7. Existing CORE IMPACT Pro exploits will be extended to target Windows 7 where applicable, and Core Security will continue to research and develop new exploits as new vulnerabilities in Windows 7 arise.