Getting to Know Core Impact
Core Impact is a comprehensive and scalable tool that provides a controlled environment in which to perform penetration tests so you can safely and efficiently determine how a malicious attacker might gain access to or disrupt your network. While Core Impact enables users to quickly get up and running, there are many aspects that experienced and new users may have yet to discover in such a multi-faceted tool.
With this in mind, we’ve compiled a list of the top things everyone should know about Core Impact. Take a look and see what you may have been missing.
Impact's flexible licensing model comes with different license types that enable flexible use of the product, and ensure we can support multiple use cases. Our goal is to make sure you get the right combination of licenses that will work best for you and your team.
Encrypting Agent Communications
All communication between Impact and its agents is both encrypted and authenticated. Perform better, more detailed testing with the peace of mind that your communications will remain secure.
Command and Control Options
Impact has a variety of communication methods to better support different ways you might want to test, each featuring encryption and mutual authentication between Impact and its agents.
Impact gives you the ability to set an expiration date and time for an agent when you deploy it, giving you control and minimizing artifacts left by your test. Even if a target is hibernated during a test and misses the cleanup signal, Impact agents will see that it’s past due and clean itself up.
Rapid Penetration Tests
Impact’s rapid penetration testing wizards can automatically find common weaknesses, while letting you choose how risky you want to be. This will free up time for you to do more in-depth testing and can even provide a short list of items to quickly prioritize for remediation.
Intelligently Exploit Identities
Impact enables you to store identities uncovered while testing. With central identity storage, it’s simple to use these identities to further your testing, allowing you to easily move and get access to more information.
Stealthy PowerShell Attacks
Impact can natively leverage PowerShell on remote hosts without using the PowerShell executable. Impact’s ability to easily interface with Powershell opens state-of-the-art attack methods preferred by advanced adversaries.
A Python Framework
Impact is a Python framework - all modules, exploits, and tools are written in Python and are user customizable. This flexibility enables you to extend and enhance the value of your investments.
Ongoing Logging and Reporting
Impact automatically logs everything you do over the course of your pen test, providing you a complete audit trail. It also has a powerful and flexible built-in reporting engine that allows you to create reports for any type of audience. These reports are fully customizable and the templates can be saved for future use.
Validating Vulnerability Scans
Impact automatically validates the results of a vulnerability scan by attempting to exploit the vulnerabilities that were exposed during a test. You will then get a report of what Impact was and was not able to exploit. Speed up remediation processes by having Impact prioritize the list of vulnerabilities that your scanners are generating.
Automatically re-run a previous pen test with Impact's remediation validation option and receive a change report on any differences between the tests. Use this to easily test if remediation efforts have been successful rather than having to do the entire test over again.
Moving from One Host to Another
Impact makes it easy to pivot from one host to another. It is as simple as a right click. The ability to leverage additional features with this functionality can make you more efficient and effective during your testing.