Recently, Core Security released the 2024 Penetration Testing Report, which shares the results from an annual survey of cybersecurity professionals on their experiences with offensive security strategies and solutions. In this series, we’ll take a deeper dive into some of the most noteworthy findings from the survey, with expert insights from Fortra’s CISO, Chris Reffkin, and Lead Product Manager...

Core Impact UpdatesNew UI and Usability Improvements for Reports The Core Impact Reports have been modernized, with data reviewed to improve its actionability and user friendliness.Phishing Attacks Efficiency ImprovementsThe links generated by Core Impact for phishing attacks and client-side exploits have had IOCs removed. Additionally, running simulations has been simplified and reduces the risk...

Cybersecurity budgets are beginning to get cut across the country, and organizations are faced with tough choices about what should stay and what should go. As security budgets face extra scrutiny and potential cuts, it’s critical to evaluate the cost and benefits of each security practice. It can be difficult to define the value of proactive security solutions like pen testing, as a precise ROI...

Core Impact UpdatesSMB NTLM Information Dumper This module improves the reconnaissance step for Active Directory testing, specifically gathering NTLM information using SMB/RPC protocols to prepare NTLMrelayx Man-in-the-middle attacks. Among other information, it retrieves: SMB Signing configuration information Domain configuration SMB Shares Out of the box tags for known server roles This update...

Core Impact Exploit Library AdditionsOne of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers that conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate...

We sat down with John Stahmann, CISSP and Director of Sales Engineering for Offensive Security and Infrastructure Protection at Fortra, and asked him what he had learned after more than 20 years in the industry about the pitfalls, hacks, and little-known facts of offensive security. With so much architectural complexity, vendor sprawl, and multi-platform problems plaguing the cybersecurity...

Core Impact UpdatesDuring the month of February, updates have been made to Core Impact to enhance its functionality. New modules have been added to perform Active Directory attacks taking advantage of new features from the latest version of Impacket. There is also a new Web Applications Fuzzer that can find some of the directories and files that are not referenced by the pages discovered during...

NTLM (NT Lan Manager) relay attacks are still a significant threat to the security of Windows based networks. Though it is a well-known attack method that has been around for many years, it is no less dangerous than when it first emerged. In fact, it has been an attack method that is currently popular with “aggressive” hacking groups, including the Russian APT28. These groups have successfully...

When hashing out your offensive security strategy, it’s not all about winning – especially when you’re role-playing as the hacker. Red teams are out to attack. Blue teams are out to defend. While many assume that the goal of an engagement is for Red to best Blue, adopting a “Purple team” mindset focuses more on learning. It prioritizes growth over outcome and trains Blue so that Blue does better...

One of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers that conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate each exploit before its release to...

How the justice system deals with cybercrime is still relatively new and finding its footing. How cybercriminals are leveraging the legal system is relatively new, too. Imagine a world where your organization gets hacked, and then, to add insult to injury, gets reported by the hackers for being out of compliance. Well, you don’t have to imagine too hard because those days are upon us. While the...

One of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers that conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate each exploit before its release to...

We are thrilled to announce the latest release of Core Impact! Version 21.5 is packed with exciting features and improvements that provide a smoother and even more efficient user experience. Some of the new features include the option to use Impacket’s NTLMrelayx module to relay connections during an Active Directory attack, various coercion methods to trigger authentications into the relay...

When it comes to a security staple like penetration testing, we all have preconceived notions that make this practice seem quite challenging. The need to rotate vendors, interruptions to normal business, or even testers causing security risks are some that you often hear thrown around. But are they true? The short answer is no. In this blog, we’ll put these myths to rest and bring the truth about...

While it’s important to adhere to compliance regulations, blunders do happen. What does it mean when these blunders lead to you failing a cybersecurity audit, and how can you recover? Consequences of Failing a Cybersecurity Audit Failing a cybersecurity audit can mean several things. First, there’s the up-front legal fines that come with falling on the wrong side of compliance. Here are a few...

You may have heard that Core Security’s Core Impact is an enterprise-grade penetration testing solution that uses same tactics and techniques as real-world attacks. You may have heard that it’s automated and easy-to-use, so teams of any prior skill level can leverage the same advanced attacks. And you may have even heard that it can automate routine tasks as part of the overall engagement, so more...