CORE Impact Pro makes it easy for you to frequently assess your organization’s susceptibility to phishing, spear phishing and other social engineering techniques. Impact safely replicates email-based attacks to test end-user security policies and identify systems requiring patches and other updates. Each test is backed by comprehensive reports that assist with compliance initiatives and help you to pinpoint ways to strengthen data security.
CORE Impact Pro allows you to replicate multistaged attacks that leverage compromised end-user systems to target backend resources, revealing how chains of exploitable vulnerabilities can open paths to mission-critical systems and data.
Quickly Identify Social Engineering Test Targets
Impact Pro offers a number of modules for gathering email addresses from your organization, including:
- Crawl a website to harvest addresses published on the site
- Leverage major search engines to locate addresses for a given domain
- Scan online documents for email addresses to target
- Find addresses in PGP and Whois databases
- Import your own list of email addresses to test
Safely Launch Phishing and Spear Phishing Attacks
With Impact, you can test email-user security awareness by replicating realistic phishing attacks with or without attempting to exploit the endpoint system.
- Assess security awareness by identifying users who click links in phishing emails
- Customize sample phishing templates, or create your own custom spear phishing email
- Set web-form phishing traps to flag data leakage risks
- Test end-user machines for exploitable vulnerabilities and pivot to other network systems
Commercial-Grade Client-Side Exploits
Impact Pro’s extensive library of client-side exploits covers threats that target:
- Endpoint applications: e.g., web browsers, email clients, instant messaging, media players, business applications and productivity tools
- Endpoint security solutions: e.g., antivirus, anti-phishing, anti-malware, host-based intrusion detection and prevention systems
- Endpoint operating systems and services: e.g., Windows, Mac, Linux
Created in-house at CORE Security by a professional team of experts, the product’s client-side exploits are Commercial-Grade – ensuring that they are current, effective and safe for your network. Automated capabilities allow you to test an endpoint system against multiple client-side exploits with a single click, adding efficiency and speed to security assessments.
Assess the Consequences of Successful Social Engineering
- View the local file system and mapped drives
- Upload and download files to and from the end-user system
- Open and interact with files on the compromised system
- Gather user names and passwords from endpoint applications
- Take a screenshot of current activity on the end user’s desktop
- Harvest email addresses from mail clients
- Deploy a keylogger that tracks the user’s keystrokes
- Perform a password dump from the user’s web browser
- Automatically “listen” for clicks, launch exploits, and collect evidence of successful compromises
Pivoting: Determine the Risks of Insider Access
Impact also includes network penetration testing capabilities that can leverage any compromised end-user system as a beachhead from which to launch subsequent tests on other systems in the end user’s network – without uploading any code to the machine. This pivoting capability enables you to exploit trusted relationships and fully understand the “ripple effect” of threats that can occur when a single end-user system is compromised, replicating the steps attackers actually follow in the wild.
Monitor End-User Response and Evaluate Security Awareness Programs
With Impact, you can easily benchmark security awareness and incident response programs, as well as demonstrate ongoing improvements in security program effectiveness for auditing and compliance purposes. You can also identify critical, exploitable vulnerabilities that link from your organization’s endpoints to its backend systems and data.
CORE Impact Pro includes the following endpoint and end-user reporting capabilities:
- Client-Side Penetration Test Report: a full audit trail of each attack, including the email template sent, exploits launched, test results (success or fail), and details about compromised systems
- User Report: a report of which links were clicked, when they were clicked, and by whom
In addition, Impact Pro offers a variety of other ways to document your security assessments, including visual attack path reports, delta reports, and PCI and FISMA compliance reports.