CORE Impact Pro Exploits and Security Updates
When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.
Use the controls below to navigate CORE Impact exploits and other modules.
|04.08.2014||AV Shell improvement||This update is to increase the realiability of AV shell module.||Post Exploitation|
|11.06.2011||Remote Network Interface Performance Enhancements v12 Rev 1||Added some performance enhancements for the Remote Network Interface module.||Post Exploitation|
|05.31.2011||Network Post Exploitation improvements v11 rev1||This update improves reliability of "Pass The Hash", "Who is There" and "Remote Desktop Access" modules, which happened to have problems when executed in the context of an agent running as SYSTEM user.||Post Exploitation|
|10.26.2011||iPhone Buffer Overflow Exploit Update||This module updates the platform names and adds the CVE references for the iPhone Exploit.||CVE-2011-0227||Exploits/Client Side/Mobile|
|03.07.2012||Android Webkit Floating Point Datatype Exploit||WebKit in Android 2.1 does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.||Exploits/Client Side/Mobile|
|10.22.2012||SQL Injection Analyzer Update 2||Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. this update is for 12.5.||Exploits/SQL Injection/Analyzer|
|08.01.2012||SQL Injection Analyzer Update||Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. The module can be configured to look for vulnerabilities in GET & POST parameters and cookies. This update adds an additional trigger to the FAST set of SQL injection triggers for the SQL Injection analyzer to use.||Exploits/SQL Injection/Analyzer|
|06.03.2013||HP Intelligent Management FaultDownloadServlet Directory Traversal Exploit||This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the FaultDownloadServlet component, an attacker can retrieve arbitrary files.||CVE-2012-5202||Exploits/Remote File Disclosure||Windows|
|06.03.2013||HP Intelligent Management IctDownloadServlet Directory Traversal Exploit||This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the IctDownloadServlet component, an attacker can retrieve arbitrary files.||CVE-2012-5204||Exploits/Remote File Disclosure||Windows|