CORE IMPACT Pro v11 Empowers Customers to Conduct Integrated Testing Across Network Infrastructure and Extend Web Application Security Assessments
BOSTON - Dec. 7, 2010 - Core Security Technologies, the market’s leading provider of IT security test and measurement solutions that identify and prove real-world exposures to critical assets, today introduced the latest version of its automated penetration testing solution, CORE IMPACT Pro version 11.
CORE IMPACT Pro continues to be the most comprehensive penetration testing product available, enabling customers to conduct real-world assessments across a broad spectrum of risk areas, including network systems, endpoint systems, end users, web applications, wireless networks – and now, network devices. Since 2001, CORE IMPACT has evolved to offer the deepest level of professionally developed and updated penetration testing capabilities available today. The latest round of new features allows customers to …
- detect and exploit network router and switch vulnerabilities
- import web vulnerability scan results and validate them for exploitability
- exploit Persistent(or Stored) Cross-Site Scripting (XSS) vulnerabilities
- exploit Cross-Site Scripting (XSS) vulnerabilities in Adobe Flash® applications
- reveal additional top web application vulnerabilities as defined by OWASP
- replicate wireless Man-in-the-Middle (MiTM) attacks
- leverage expanded client-side phishing capabilities
Integrated Network Device Testing Capabilities
With IMPACT Pro v11 penetration testing software, organizations can now assess their exposure to attacks carried out against network devices. This is a key area of concern for today’s IT security organizations based on networking equipment’s highly strategic role in isolating sensitive systems and data from unauthorized access. For instance, given control of a router’s configuration, an attacker could gain access to other networks that otherwise would not be detectable. An attacker with command of a switch could quietly steal and manipulate data, as well as inject their own malicious data into switch traffic.
To help security teams extend their testing capabilities and learn whether their network devices are vulnerable to attacks, CORE IMPACT Pro v11 adds the following testing capabilities:
- Information gathering and fingerprinting: As a part of Network Information Gathering, IMPACT Pro will scan a range of IP addresses and return a list of discovered network devices as well as any identifying attributes (e.g., manufacturer, device/model, OS).
- Detection and exploitation of configuration vulnerabilities: In order to verify that access to a network device has been achieved, IMPACT Pro offers testers several non-aggressive techniques to verify access, including configuration retrieval, device renaming, password cracking, access list piercing, and interface monitoring.
As Core Security’s CoreLabs research team demonstrated in presentations delivered at the Black Hat USA ethical hacking summits in both 2010 and 2008, attackers have already designed advanced methods for compromising network device vulnerabilities to carry out a full range of remote cyber-assaults.
"Network security devices can be areas of vulnerability exposure if not properly configured, managed and patched," said Diana Kelley principal analyst at SecurityCurve. "That's why a robust penetration testing plan includes these assets. Organizations need to understand if network device vulnerabilities exist and if these vulnerabilities can lead to data theft or other forms of compromise."
Web Application Vulnerability Scanner Integration
CORE IMPACT Pro has long featured integration with multiple network vulnerability scanners to help customers filter results and identify their most significant points of exposure, and the latest release adds integration with web application scanning tools such as IBM Rational AppScan® and HP WebInspect®. By feeding the often voluminous results of their web application scans directly into IMPACT Pro, customers can now:
- Prove the exploitability of web application vulnerabilities, with no false positives, to both prioritize and inform remediation efforts to minimize the time and money spent on re-coding efforts.
- Leverage CORE IMPACT’s industry-leading privilege escalation and pivoting capabilities to gain administrative access on web servers and leverage them as beachheads for additional attacks against backend network systems – just as an attacker would.
- Use scan results to identify pages (URLs) to penetration test, in addition to utilizing CORE IMPACT’s own page identification capabilities.
Testing for Persistent Cross-Site Scripting Vulnerabilities in Web Applications
In addition to empowering users with its existing Reflective XSS attack capabilities, IMPACT Pro v11 enables them to exploit Persistent (or Stored) XSS vulnerabilities. Persistent XSS is an insidious form of attack because it implants the vulnerable web application with malicious code, which subsequently runs against end user browsers that load the application. For instance, an attacker could target a vulnerable blog by adding a comment containing exploit script. As end users view the blog in their browsers, the script would run against their systems. Since Persistent XSS doesn’t require phishing to target end users, it can affect a larger population in a much more subversive way.
Testing for Cross-Site Scripting Vulnerabilities in Adobe Flash Objects
Cross-Site Scripting (XSS) detection and exploitation for Adobe Flash objects is new for IMPACT Pro and extends the capabilities of the web application test vector by targeting dynamic Flash content in addition to static HTML applications.
Additional Web Application Testing Enhancements
Other improvements to the product’s web applications capabilities include enhanced web page crawling (i.e., to identify potential targets); additional web application firewall (WAF) evasion); and scheduling of web application tests – as well as new testing capabilities that provide additional coverage for the following OWASP top web applications risks:
- A3: Broken Authentication and Session Management
- A6: Security Misconfiguration
- A8: Failure to Restrict URL Access
With v11, CORE IMPACT Pro now provides penetration testing capabilities that address seven of the OWASP top ten web applications risks (A1, A2, A3, A4, A6, A8 and A9).
Wireless Testing Enhancement, Including Man-in-the-Middle (MiTM) Attacks
Last year, Core Security introduced the industry’s first integrated wireless penetration testing solution, and enhancements to this vector continue in IMPACT Pro v11.
New wireless MiTM testing capabilities in CORE IMPACT Pro v11 allow organizations to test their resiliency in several ways, notably by empowering testers to establish an imposter wireless access point and then launch tests against any systems that subsequently connect. Once a system connects to the access point, the tester is able to target it with IMPACT penetration tests and take the same steps an attacker would, including:
- Attempting to harvest usernames and passwords from wireless traffic or from endpoint systems connected to the IMPACT access point
- Inserting exploits into traffic sent and received by the connected machines
- Fingerprinting the machine
- Launching OS, services and application exploits
Once the connecting system is exploited, the user can leverage CORE IMPACT’s network testing capabilities to reveal and follow attack paths across other systems on the same network – allowing them to not only demonstrate how easily MiTM attacks compromise unsecured WiFi networks and clients, but also how far an attacker could proceed after the initial compromise.
Client-Side Phishing Enhancements
With social engineering becoming an increasingly central aspect of today’s Advanced Persistent Threats (APTs), more Core Security customers than ever before are availing themselves of the product’s client-side testing capabilities. In IMPACT Pro v11, client-side assessments are even more useful and efficient, with the addition of new social engineering attack automation features, including:
- Information Gathering enhancements that enable testers to find emails and other sensitive information in files posted to web sites
- The ability for users to impersonate legitimate web forms with phishing “traps” to identify potential data leakage issues resulting from email recipients who click through to malicious forms.
“With well over 1,000 current customers and counting, along with numerous awards and 5-star independent lab reviews, CORE IMPACT Pro is established as the premier professionally developed penetration testing solution on the market today. With v11 we continue to IMPACT’s breadth and depth with an array of powerful new features and functions,” said Mark Hatton, president and CEO of Core Security. “More organizations than ever before are committed to conducting regular internal testing, whether for strategic purposes or to meet mandated requirements. IMPACT Pro will continue to evolve to meet the specific needs of these testers, and the many more who join their ranks every day.”
For a full list of new features in CORE IMPACT Pro v11, please visit the Core Security website:
About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and prove real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security’s software solutions build on over a decade of trusted research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.