• book demo
  • request trial

Penetration Testing Solutions with Core Impact

Multi-Vector Penetration Testing Solution with Core Impact Pro

Core Impact® Pro is the most comprehensive, commercial-grade penetration testing product available, enabling you to conduct real-world assessments across a broad spectrum of risk areas, including:


Web Application Penetration Testing

Web Application Penetration Testing with Core Impact Pro allows you to pinpoint exploitable Cross-Site Scripting, SQL Injection and all other OWASP Top 10 vulnerabilities in your web applications, not only giving visibility into where application weaknesses exist, but also  determining how they can open the door to subsequent network-based attacks.

More about Web Application Penetration Testing >


End-User Security Awareness Testing

End-User Security Awareness Testing with Core Impact Pro determines the susceptibility of email users to social engineering attacks, assesses the overall security of their systems, and depicts how individual client-side exposures can be linked to large-scale breaches of backend servers.

More about End-User Security Awareness Testing >


Endpoint Penetration Testing

Core Impact Pro enables you to penetration test standard desktop images prior to deployment in your live environment.

More about Endpoint Penetration Testing >


Mobile Device Penetration Testing

Mobile device penetration testing with Impact Pro pinpoints and addresses gaps in end-user awareness and security exposures in their devices before attackers do. With Core Impact Pro’s Mobile Device Penetration Testing capabilities, you can demonstrate the exploitability of iPhone®, Android™ and BlackBerry® smart phones using the same attack techniques employed by criminals today.

More about Mobile Device Penetration Testing >


Network Penetration Testing

Network Penetration Testing with Core Impact Pro replicates the actions of an attacker taking advantage of OS, service and application weaknesses across network systems, revealing where exploitable vulnerabilities are, how they can be linked to traverse your network, how defenses react, and what remediation steps are necessary.

More about Network Penetration Testing >


Password and Identity Cracking

CloudCypher, a new online service from Core, works with Windows NTLM Hashes discovered by Impact Pro during testing and attempts to determine plaintext passwords for those hashes. Any passwords that are determined will be passed back to the Impact Pro workspace that requested them. This is done through the use of modules, the original module that submitted the hashes will be used to retrieve the resulting passwords. These obtained passwords can then be used for additional security testing. CloudCypher was created and is managed by Core and held within Amazon Web Services.


Wireless Network Penetration Testing

Wireless Penetration Testing with Core Impact Pro allows IT security managers to identify at-risk wireless networks, crack encryption codes, and trace attack paths from initial points of wireless exposure to backend resources housing critical data -- gaining actionable data at each step for efficient remediation.

More about Wireless Network Penetration Testing >


Testing the Efficacy of IPS/IDS, Firewalls and Other Defenses

Using Core Impact software solutions, you can proactively test the efficacy of their network, endpoint, web application, wireless, and email defenses both to ensure that these technologies are working properly, and to aid in the process of evaluating products to determine ROI and influence future buying decisions.

More about Testing the Efficacy of Defenses >


Validating Vulnerabilities Identified by Scanners

Core Impact integrates with the most widely-used network and web vulnerability scanners, allowing you to import scan results and run exploits to test identified vulnerabilities.

More about Validating Vulnerability Scan Results >



SCADA Security Testing

Core Security is partnering with ExCraft labs, a Core Secured Partner, that has created numerous exploits specifically for SCADA systems, that are utilized in Core Impact Pro.

More about SCADA Security Testing > 


Network Device Penetration Testing

Impact Pro is the first commercial-grade penetration testing software that can specifically target network devices and prove how a single intrusion could escalate into a widespread data breach.

More about Network Device Penetration Testing >



Next Steps

Book DemoRequest Trial