CORE Impact Pro 2013 adds several new capabilities. These advanced capabilities include CloudCypher, an online service created and managed by CORE that works with Windows hashed passwords discovered by Impact during testing and attempts to determine plaintext passwords for those hashes.
These obtained passwords can then be used for additional security testing. Other highlights of the release include the ability to team multiple security testers together to interact in the same workspace against the same target environment across multiple copies of Impact.
In addition to these new features, Impact 2013 is supported by the company’s extensive library of more than 2,800 commercial-grade exploits and other attack techniques.
In addition to CloudCypher, and Teaming, CORE Impact 2013 new capabilities include:
- Network Remediation Validation
- DNS Communication Channel
- Agent Redeploy
- Network IG & AP Module output
- Reporting enhancements.
As security around TCP and HTTP protocols has improved, hackers have looked at alternative data protocols to infiltrate, adding the DNS capability allows testers to use the DNS channel as well. Agent Redeploy is a new feature that allows Impact to quickly verify whether a previously discovered vulnerability has been remediated.
CORE Impact now displays rich progress information as the automated pen tests execute against target networks, allowing a user to track progress. Using this feature, Impact can now demonstrate in a user-friendly and graphical manner, exactly what is being executed in real-time.
The last new addition for Impact 2013 is report selection for reporting on specific hosts needed, rather than having to run the report on all hosts within the workspace. Reports that support this capability include:
- PCI Vulnerability Validation Report
- Vulnerability Validation Report
- Host Report
- Host Based Activity Report
- Vulnerability Report
- Wellness Report.