- Phishing, SQL, Brute Force DDOS
- Red teams, blue teams, purple teams
k
open source, enterprise, or an arsenal
While the Core Impact team is hard at work to provide and enhance the most comprehensive pen testing tool, we want to be sure to regularly check in with those who matter most—our customers!
That’s why we’re pulling back the curtain to provide a look behind the scenes and show you what’s on the horizon. During this exclusive user-focused webinar, meet the product experts dedicated to your success and join us as we:
We truly value customer feedback on how we can improve Core Impact, from both a feature standpoint and when it comes to adding new exploits to our library. Over the years, input from our customers has helped shape and influence the product and made it the robust pen testing tool it is today.
Is there a feature or exploit currently missing that you'd like to see? Let us know by completing the request form below.
Please enter one item per submission, completing the form multiple times if needed.
A penetration test is often referred to broadly as an evaluation of an organization’s cybersecurity through the uncovering and exploitation of security weaknesses. However, this doesn’t mean there is only one way to pen test. Since vulnerabilities can exist anywhere—operating systems, services and application flaws, improper configurations, or even risky end-user behavior—multiple types of pen tests have been developed to ensure every aspect of the IT infrastructure is secure.
Note: This work was originally done by Cristian Rubio and Ricardo Narvaja of Core Labs on Windows Server 2008 SP1 32 and 64-bit. There are not many differences in other versions of Windows.
While the basis of the SIGred bug is quite simple, it’s critical to explore exactly how this vulnerability can exploited.
On September 11th, 2020, researchers at Secura published information on a critical vulnerability in Microsoft’s Netlogon authentication process which they dubbed “Zerologon." It is a cryptographic flaw that has a clear path to full takeover of an Active Directory domain.
Penetration testing, also known as a pen test, is a security exercise that reveals an organization’s security vulnerabilities through a defined testing process. A penetration test may focus on networks, applications, physical facilities, individuals, and more.
Ever since Ali Baba uttered “open sesame,” thieves have been using stolen passwords to access hidden riches. In the digital world, password attacks have been and continue to be a common way for threat actors to gain access to an organization’s treasure trove of data. No matter how many emails we get from IT explaining what makes a good password, many of us still use the same basic password in multiple places simply because they’re easier to remember.