What is Core Impact?
Core Impact is a penetration testing software that empower the security team to safely identify and exploit security weaknesses. It applies the same techniques as today’s threat actors or adversaries to efficiently test your IT infrastructure.
With Core impact, organisations are able to discover, test, and report through a few simple steps using its guided automation and certified exploits.
Key Features:
1. Guided Automation
Core Impact’s Rapid Penetration Tests (RPTs) are accessible automations and intuitive wizards that functions to automate common and repetitive tasks.
This feature helps simplifies processes, optimise efficiency and let pen testers to to focus on more complex issues thus maximize your security resources usage.
2. Certified Exploit
The validated exploited library with real-time updates for new penetration testing exploits, tests for additional platforms (when become available) which includes third party exploits from ExCraft.
3. Patented Agents
Core Impact’s patented Core Agents eases interactions with remote hosts. Users are able to tell Core Impact your action using the remote host, while the agent took care of the technical aspects.
4. Robust Error Prevention
Core Impact does not allowed any agent after testing to drain resources or become a potential backdoor for attackers as it has programmable self-destruct capabilities for agents at different levels (product, workspace, module/RPT).
5. Optimal Collaboration through Shared Workspaces
With Core Impact, multiple security tester can interact in the same session. This allows the team to be able to securely share data and delegate testing tasks.
6. Reporting
Core Impact offers automated reporting capabilities. Tester can obtain consistent and thorough recording of engagements for planning and prioritizing remediation efforts and proving compliance for regulations such as PCI DSS, GDPR, and HIPAA.
Reports is also equipped with option of adding the layer output of the MITRE ATT&CK™ framework
7. Maximize Testing Visibility
Core Impact’s attack map provides real-time overview of attack chains, pivoting and other activities completed during testing. Through the network graph view, users are able to obtain visual insight that enables the security teams to effectively determine the best path forward in the testing engagement.
Product Specifications:
1. Platform monitored
Core Impact runs on Windows and assists testing on these platforms:
- Operating Systems like Windows, Linux, and Mac
- Cloud (Public, Private, Hybrid)
- Databases
- Web Services
- Network Appliances
- Software Applications
- Your Critical Data
2. Integration with security testing tools
Integration between Core Impact and other security testing tools further centralise user’s testing environment and increase the breadth of program.
3. Vulnerabilities scanner integration
Core impact is able to import data and validate vulnerabilities from multiple scanners which include:
- beSECURE
- Burp Suite
- Frontline VM
- Nessus
- Nexpose
- OpenVAS
- Nmap
- Qualys
- SAINT
- Tenable
4. Deployment options
Core Impact runs on Windows with an integrated SQL database, physical or virtual system, thus it can be installed and running in 30 minutes or less.