Core Impact can help conduct advanced penetration tests with ease and efficiency. Watch this in-depth on-demand demo of Core Impact to dig a little deeper and see what the powerful penetration testing platform can do.
Exploit types
- Phishing, SQL, Brute Force DDOS
Teaming
- Red teams, blue teams, purple teams
k
Pen testing tools
open source, enterprise, or an arsenal
Vulnerability scanning
Pen testing services
Pen Test Pivoting
2020 has been a chaotic year. From the far-reaching impact of COVID-19 to the increasing number of data breaches across nearly every sector, the threat landscape continues to intensify and the importance of cybersecurity continues to grow.
While the Core Impact team is hard at work to provide and enhance the most comprehensive pen testing tool, we want to be sure to regularly check in with those who matter most—our customers!
That’s why we’re pulling back the curtain to provide a look behind the scenes and show you what’s on the horizon. During this exclusive user-focused webinar, meet the product experts dedicated to your success and join us as we:
We truly value customer feedback on how we can improve Core Impact, from both a feature standpoint and when it comes to adding new exploits to our library. Over the years, input from our customers has helped shape and influence the product and made it the robust pen testing tool it is today.
Is there a feature or exploit currently missing that you'd like to see? Let us know by completing the request form below.
Please enter one item per submission, completing the form multiple times if needed.
Authored by: Julio Sanchez
Product Line Relationship
A penetration test is often referred to broadly as an evaluation of an organization’s cybersecurity through the uncovering and exploitation of security weaknesses. However, this doesn’t mean there is only one way to pen test. Since vulnerabilities can exist anywhere—operating systems, services and application flaws, improper configurations, or even risky end-user behavior—multiple types of pen tests have been developed to ensure every aspect of the IT infrastructure is secure.
Authored by: Ricardo Narvaja
Note: This work was originally done by Cristian Rubio and Ricardo Narvaja of Core Labs on Windows Server 2008 SP1 32 and 64-bit. There are not many differences in other versions of Windows.
While the basis of the SIGred bug is quite simple, it’s critical to explore exactly how this vulnerability can exploited.
Authored by: Julio Sanchez
What You Need to Know About Netlogon and Zerologon
On September 11th, 2020, researchers at Secura published information on a critical vulnerability in Microsoft’s Netlogon authentication process which they dubbed “Zerologon." It is a cryptographic flaw that has a clear path to full takeover of an Active Directory domain.