Core Impact 101 Training
Welcome to Core Impact Training 101. This training is designed to give you an in-depth overview of this tool’s powerful pen testing features and provides a wealth of information that can add to your skillset. There is something for everyone in this training, from new security team members just starting to implement pen testing, to the battle-hardened cybersecurity veterans that can further enhance assessments with advanced techniques, tips, and tricks.
"I want to extend my thanks for incorporating the new training courses on Core Impact. These courses have greatly expanded my understanding of how to use Core in different scenarios. I also appreciate the addition of the coercion tool, which I believe will be highly valuable." - Allen Flesner, CyberSecurity Engineer at MAD Security
Core Impact Training Course Outline
GETTING STARTED
- Introduction
- Penetration Testing
- Core Impact
- Checkpoint
LAB ENVIRONMENT SETUP
- Introduction
- Virtualbox setup
- Core Impact Virtual Machine setup
- Vulnerable Virtual Machines
- Checkpoint
THE BASICS
- Starting Core Impact
- Quick Tour
- Network Information Gathering
- Exploitation and Post-Exploitation
- Maintaining Access and Escalating Privileges
- Cleanup post-penetration test
- Reporting
- Checkpoint
ACTIVE DIRECTORY
- Introduction to Active Directory
- Active Directory Domain Reconnaissance
- Active Directory Attack Paths Discovery
- Kerberoast
- AS-REP Roast
- DCSync
- Golden Ticket
- Silver Ticket
- Lateral Movement
- Man-In-The-Middle-Attacks: NTLMrelayx
- Checkpoint
SOCIAL ENGINEERING & CLIENT-SIDE ATTACKS
- Information Gathering
- Phishing Campaign Deployment
- Role Playing - You are the target now
- Reporting
- Checkpoint
WEB APPLICATIONS TESTING
- Introduction
- Information Gathering
- Attack and Penetration
- Post-Exploitation
- Reporting
- Checkpoint
NEXT STEPS
- Further Resources