Skip to main content
Core Security Logo Core Security Logo
  • Contact Us
  • Support
  • All Fortra Products
  • FREE TRIALS
  • Contact Us
  • Support
  • All Fortra Products
  • FREE TRIALS
  • Cyber Threat

      Products

      • Core Impact Penetration testing software
      • Cobalt Strike Red team software
      • Event Manager Security information and event management
      • Network Insight Network Traffic Analysis
      • Powertech Antivirus Server-level virus protection
      • Security Auditor Security Policy Management and File Integrity Monitoring Software

      Solutions

      • Penetration Testing
      • Penetration Testing Services
      • Threat Detection
      • Security Information and Event Management
    • Penetration Testing Services Security consulting services
  • Identity

      Products

      • Access Assurance Suite User provisioning and governance
      • Core Password & Secure Reset Self-service password management
      • Core Privileged Access Manager (BoKS) Privileged access management (PAM)

      Solutions

      • Privileged Access Management
      • Identity Governance & Administration
      • Password Management
    • See How to Simplify Access in Your Organization | Request a Demo
  • Industries
    • Healthcare
    • Financial Services
    • Federal Government
    • Retail
    • Utilities & Energy
    • Higher Education
    • Compliance
  • Resources
    • Upcoming Webinars & Events
    • Blogs
    • Case Studies
    • Videos
    • Datasheets
    • Guides
    • Ecourses
    • Compliance
    • All Resources
  • CoreLabs
    • Advisories
    • Exploits
    • Publications
    • Articles
    • Open Source Tools
  • About
    • Partners
    • Careers
    • Press Releases
    • Contact Us
  1. Home
  2. Blog
  3. Core Impact Updates: New Version Release and Impacket

Core Impact Updates: New Version Release and Impacket

We’re ringing in the new year with the latest release of Core Impact ! Version 21.3 strengthens the connection between Core Impact and Cobalt Strike, amplifying the capabilities of both tools. In addition to this release, Core Security is also excited to be taking over maintenance for Impacket, a critical pen testing tool that allows to work with Windows network protocols and facilitates Active Directory testing and command execution over SMB and WMI.

Core Impact Version 21.3

This release focuses on bringing the power of Cobalt Strike to Core Impact, enhancing the pen testing experience both for those who use Core Impact alone as well as those who have both tools.

Beacon Object Files (BOF) Execution

Beacon is Cobalt Strike’s custom agent that can be used to execute PowerShell scripts, log keystrokes, take screenshots, download files, and spawn other payloads. A Beacon Object File (BOF) is a compiled C program that can execute within a Beacon process and use internal Beacon APIs. BOFs allow users to extend the use of the tool using new features that are often created by the talented Cobalt Strike community.

Core Impact now fully supports the Cobalt Strike BOF API, allowing Core Impact users to also be able to benefit from these extensions. These BOFs will require no modifications and can be precompiled to execute in either Cobalt Strike or Core Impact.

Exploit Execution Through Beacon

Image
Exploit Execution Through Beacon

The interoperability features of Core Impact and Cobalt Strike continue to grow. Users of both tools will have new opportunities and increased success rates when seeking to move laterally in a target environment.

Cobalt Strike Beacon enables third-party tools to pivot by exposing a SOCKS proxy server. Each time Beacon checks in, data that writes to or is read from ongoing connections is exchanged. Core Impact can now leverage this functionality in order to launch Core certified exploits directly through Beacon.

Impacket

We’re excited to have recently welcomed Impacket to Fortra’s cybersecurity portfolio. Impacket is an open-source collection of modules written in Python for programmatically constructing and manipulating network protocols. It has long been a fundamental piece of most pen tester’s toolkits and has been used as the base for dozens of tools and scripts. Impacket is even the foundation of Core Impact’s Active Directory attack testing features. Core Impact users will benefit from these two tools being developed under the same umbrella, with new opportunities for further alignment.  With our commitment to offensive security, we look forward to developing this essential open-source tool to help all penetration testers in their future engagements.

As the new owner of the Impacket technology, we will not only be able to shape its future development, but also further develop the open-source ecosystem around it and enable our community partners to contribute to it and enhance it. Impacket is now hosted in Fortra’s GitHub at https://github.com/fortra/impacket.

Related Products
Core Impact
Related Solutions
Penetration Testing
Related Content
Why It’s Not Core Impact vs. Core Impact
Blog
Why It’s Not Core Impact vs. Cobalt Strike
Incorporating New Tools into Core Impact
Blog
Incorporating New Tools into Core Impact
ransomware simulator
Blog
Core Impact Introduces Ransomware Simulation

Want to see more Core Impact features in action?

CTA Text

Watch a demo for a full overview of this powerful penetration testing tool.

WATCH NOW
  • Email Core Security Email Us
  • Twitter Find us on Twitter
  • LinkedIn Find us on LinkedIn
  • Facebook Find us on Facebook

Products

  • Access Assurance Suite
  • Core Impact
  • Cobalt Strike
  • Event Manager
  • Browse All Products

Solutions

  • Identity Governance

  • PAM
  • IGA
  • IAM
  • Password Management
  • Vulnerability Management
  • Compliance
  • Cyber Threat

  • Penetration Testing
  • Red Team
  • Phishing
  • Threat Detection
  • SIEM

Resources

  • Upcoming Webinars & Events
  • Corelabs Research
  • Blog
  • Training

About

  • Our Company
  • Partners
  • Careers
  • Accessibility

Support

Privacy Policy

Contact

Impressum

Copyright © Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective owners.