Hamde AL Tamimi
Mohammad Ali Qattan
Amira Mosa AL Braim
Rakan Tayseer
effective exploits.
These exploits can then be launched against the vulnerable hosts to
attempt to gain access.
Having gained access to a vulnerable host, CORE IMPACT can install Agents
that provide varying levels of remote access (including directory listing,
uploading and downloading files, and so on).
A compromised host can even be used to launch new penetration tests
against other hosts on the network that were not visible from the
initial scan.
In this way the penetration tester can pivot from host to host within the
compromised network.
CORE IMPACT thus allows the user to safely exploit vulnerabilities in the
network, replicating the kinds of access an intruder could achieve and proving
actual attack paths that must be eliminated.
The product features the Rapid Penetration Test (RPT),
a step-by-step automation of the penetration testing process. From the initial
information gathering phase to production of the final report, the penetration
testing steps within CORE IMPACT can be run completely autonomously. The
steps in this process are:
Information Gathering
Attack and Penetration
Local Information Gathering
Privilege Escalation
Clean Up
Report Generation
Each of the six processes listed above is available as a Wizard in the
Rapid Penetration Test window.
By following each of them in turn, the average user follows the typical
attacker methodology recommended by every generic hacking handbook,
and can complete a very comprehensive penetration test without
recourse to experts or outside consultants.
Of course, experts and consultants will also find this tool useful in
their day-to-day work.
Information Gathering
There are several test types, each with its own way of gathering
information:
Client-Side Rapid Penetration Testing
Mobile Device Rapid Penetration Testing
Network Device Rapid Penetration Testing
Network Rapid Penetration Testing
Web Application Rapid Penetration Testing
Wireless Rapid Penetration Testing
Client-Side Rapid Penetration Testing
In the case of end-user testing, Information Gathering involves the collection of email
addresses to target with phishing, spear phishing or other social engineering attacks.
(Instead of sending out thousands of emails at random in the hope that a few victims will bite,
spear phishers target a select group of people with something in common: they work at the same
company, or bank at the same financial institution.) CORE IMPACT offers a number of modules for
gathering the email addresses of individuals in your organization, or you can enter or import your
own list of email addresses to test.
Key Capabilities
Crawl a website to harvest addresses published on the site
Use search engines to locate addresses for a given domain
Find addresses in Pretty Good Privacy (PGP) key server and Whois databases (PGP is a
popular program used to encrypt, decrypt and sign email)
Scan a domain for documents and scrape useful information from them, such as email
addresses
Web Application Rapid Penetration Testing
During this phase of the Web Application Rapid Penetration Test, CORE
IMPACT crawls through web pages and identifies pages to test. Alternatively, you
can import the results of popular web application vulnerability scanners and
validate the imported findings for exploitability.
Key Capabilities
Specify a domain or range of web pages to crawl
Set a link depth limit for the crawler
Select whether to follow links outside the specified site
Crawl JavaScript to discover and assess dynamically generated pages
Establish the browser type and version to use
Supply any login information required to emulate an attack from someone
with access rights to the web application
Import web scanner results for vulnerability validation
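The two crawler-based capabilities above (harvesting email addresses from a site during client-side Information Gathering, and a depth-limited crawl that may or may not follow off-site links during web application Information Gathering) can be shown in one small crawler. The following is an added example, not CORE IMPACT code: the pages are served from an in-memory dictionary so it runs offline, and the hostnames and addresses in it are constructed for illustration.

```python
"""Added example (not CORE IMPACT code): a depth-limited crawler that
harvests email addresses, with the two crawler options the text lists
(link depth limit, whether to follow links off the starting site).
Pages come from an in-memory dict; hostnames and addresses are constructed."""
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample site: URL -> HTML body (hypothetical names/addresses).
SITE = {
    "https://example.test/": '<a href="/team">Team</a> <a href="https://partner.test/">Partner</a>',
    "https://example.test/team": 'Contact alice@example.test or <a href="/team/bob">Bob</a>',
    "https://example.test/team/bob": 'bob.smith@example.test <a href="/">home</a>',
    "https://partner.test/": "carol@partner.test",
}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


class LinkParser(HTMLParser):
    """Collects href values of <a> tags; good enough for static HTML."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.links.append(value)


def fetch(url):
    """Stand-in for an HTTP GET: looks the page up in the constructed site."""
    return SITE.get(url, "")


def harvest(start, max_depth=2, follow_offsite=False, fetch=fetch):
    """Breadth-first crawl from `start`; returns (sorted emails, sorted visited URLs).

    Pages at depth == max_depth are scraped but their links are not followed,
    and links whose host differs from the start host are skipped unless
    follow_offsite is set.
    """
    origin = urlsplit(start).netloc
    seen = {start}
    frontier = [(start, 0)]
    emails = set()
    while frontier:
        url, depth = frontier.pop(0)
        body = fetch(url)
        emails.update(EMAIL_RE.findall(body))
        if depth >= max_depth:
            continue
        parser = LinkParser()
        parser.feed(body)
        for href in parser.links:
            target = urljoin(url, href)  # resolve relative links against the page
            if not follow_offsite and urlsplit(target).netloc != origin:
                continue
            if target not in seen:
                seen.add(target)
                frontier.append((target, depth + 1))
    return sorted(emails), sorted(seen)


if __name__ == "__main__":
    print(harvest("https://example.test/"))
    print(harvest("https://example.test/", max_depth=1))
    print(harvest("https://example.test/", follow_offsite=True))
```

Scoping matters here as much as in the real tool: a crawl that follows off-site links will happily harvest a partner's addresses, which are outside the agreed target, so the default keeps to the starting host.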
Wireless Rapid Penetration Testing
CORE IMPACT's discovery capabilities allow users to identify both authorized networks
and unauthorized points of access. It then profiles any discovered networks by analyzing
signal and packet data to measure signal strength, determine the security protocols in use, and
identify devices interacting with each network.
Key Capabilities
Discover both known and unknown Wi-Fi networks and access points
Gather MAC addresses and service set identifiers (SSIDs) from beaconing machines (an SSID
is the name of a wireless local area network (WLAN); all wireless devices on a WLAN must
use the same SSID to communicate with each other)
Impersonate access points, and fingerprint / harvest information from
systems that connect
Gather information on network strength, security protocols and connected devices
Scan traffic for streams of sensitive data
Client-Side Rapid Penetration Testing
In this test, you create an email, associate it with an exploit, and go phishing. The product
includes sample email templates that simulate common phishing attacks. You can also create
your own custom spear phishing emails that reflect inside knowledge of your organization.
CORE IMPACT's extensive library of client-side exploits includes attacks that target endpoint
applications, endpoint security solutions, and endpoint operating systems and services. The
product also takes care of sending the email, giving you options such as selecting a Simple
Mail Transfer Protocol (SMTP) server or spoofing a specific From address.
Key Capabilities
Create phishing, spear phishing and spam emails from a variety of pre-built templates
Safely deploy Agents using real-world malware attacks to test end-user system security
(malware, short for malicious software, is software designed to disrupt computer operation,
gather sensitive information, or gain unauthorized access to computer systems)
Track who responds to attacks and measure the effectiveness of security awareness programs
with or without exploiting their systems
Mobile Device Rapid Penetration Testing
CORE IMPACT uses real-world attack techniques including phishing, web form impersonation, fake
wireless access points, and wireless man-in-the-middle attacks to assess end users and their devices.
(A man-in-the-middle attack is a form of active eavesdropping in which the attacker makes
independent connections with the victims and relays messages between them, making them believe
they are talking directly to each other over a private connection, when in fact the entire
conversation is controlled by the attacker. The attacker must be able to intercept all messages
passing between the two victims and inject new ones.)
Key Capabilities:
Phishing: send emails and texts that determine whether employees would fall prey to phishing and spear
Network Device Rapid Penetration Testing
Key Capabilities:
Launch dictionary attacks to gain device access
Retrieve the configuration file of a compromised device and try to crack
passwords that are in use
Rename compromised devices
Demonstrate how attackers could intercept copies of data packets via interface
monitoring
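The second capability above, pulling a configuration file off a compromised device and cracking the credentials in it, is an offline dictionary attack. Below is an added example, not CORE IMPACT code: the configuration syntax, user names, passwords and wordlist are constructed, and the hash scheme (PBKDF2-HMAC-SHA256 with a per-entry salt) is an assumption chosen so the example is self-contained; real devices store secrets in vendor-specific formats.

```python
"""Added example (not CORE IMPACT code): offline dictionary attack against
password hashes pulled from a retrieved device configuration.
Config syntax, users, passwords and wordlist are constructed; the
PBKDF2-HMAC-SHA256 scheme is an assumption, not a real device format."""
import hashlib
import hmac

ITERATIONS = 1000  # kept low so the demo runs instantly; devices use far more


def kdf(password, salt):
    """Hash a candidate password the way the (hypothetical) device does."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), ITERATIONS).hex()


def make_config_line(user, password, salt):
    """Emulates what the device stores for a local user (hypothetical syntax)."""
    return f"username {user} secret pbkdf2:{salt}:{kdf(password, salt)}"


# Constructed configuration as it might be retrieved from a compromised device.
CONFIG = "\n".join([
    "hostname edge-router-1",
    make_config_line("admin", "summer2023", "s1"),
    make_config_line("backup", "Zq8#kL!p0wX", "s2"),  # strong; not in the wordlist
    "interface GigabitEthernet0/0",
    " ip address 192.0.2.1 255.255.255.0",
])

WORDLIST = ["password", "admin", "summer2023", "cisco", "letmein"]


def parse_secrets(config):
    """Extract {user: (salt, digest)} from 'username X secret pbkdf2:salt:hex' lines."""
    out = {}
    for line in config.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0] == "username" and parts[2] == "secret":
            scheme, salt, digest = parts[3].split(":")
            if scheme == "pbkdf2":
                out[parts[1]] = (salt, digest)
    return out


def crack(config, wordlist):
    """Return {user: password} for every hash that some wordlist entry reproduces.

    Each candidate is hashed with the entry's own salt, so work cannot be
    shared across users; that is exactly the cost per-user salts impose.
    """
    found = {}
    for user, (salt, digest) in parse_secrets(config).items():
        for word in wordlist:
            if hmac.compare_digest(kdf(word, salt), digest):
                found[user] = word
                break
    return found


if __name__ == "__main__":
    print(crack(CONFIG, WORDLIST))
```

Only the account whose password appears in the wordlist is recovered; the defensive lesson for the device owner is the same one the report should carry: dictionary words fall regardless of the hash algorithm, and a low iteration count only makes the attack cheaper.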
Attack and Penetration
During Attack and Penetration, CORE IMPACT automatically selects and launches
remote attacks based on the IP, OS, architecture, port and service
information obtained in the Information Gathering step. You can choose to launch
every potential attack against each target computer, or you can have the system stop
once it successfully deploys a single Network Agent, which carries the attack
payload. You maintain full control over which computers are attacked and the order in
which exploits are launched. In addition, you can further simplify and speed up tests by
excluding exploits that may leave a target service unavailable or that take a long time to
run.
Key Capabilities
Launch multiple attacks simultaneously to speed up the penetration testing process
Interact with compromised machines via discreet Agents that are installed only in
system memory
Run local exploits to attack machines internally, rather than from across the network
Maintain control over which exploits are applied
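The selection rules described above (match exploits to the gathered fingerprint, optionally drop exploits that may crash a service or run for a long time, and stop at the first deployed Agent) are easy to state precisely in code. The block below is an added example, not CORE IMPACT code: the exploit catalogue entries are placeholders, the target fingerprint is constructed, and the launcher is a stub that only pretends one entry succeeds.

```python
"""Added example (not CORE IMPACT code): attack selection against a gathered
fingerprint, with the exclusion filters and stop-on-first-Agent behaviour
described in the text.  Exploit names and the target are hypothetical."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Exploit:
    name: str
    os: str           # OS family the exploit applies to
    service: str      # service it attacks (matched by name, not port number)
    may_crash: bool   # could leave the target service unavailable
    slow: bool        # long-running (brute force, large payloads, ...)


@dataclass
class Target:
    ip: str
    os: str
    services: dict = field(default_factory=dict)  # port -> service name


# Hypothetical catalogue: placeholder names, not real exploit modules.
CATALOG = [
    Exploit("smb_remote_a", "windows", "smb", may_crash=True, slow=False),
    Exploit("smb_remote_b", "windows", "smb", may_crash=False, slow=False),
    Exploit("http_remote_a", "linux", "http", may_crash=False, slow=True),
    Exploit("ssh_bruteforce", "linux", "ssh", may_crash=False, slow=True),
]


def select_exploits(target, catalog, exclude_may_crash=True, exclude_slow=False):
    """Exploits applicable to the target, in catalogue order.

    Matching uses the service name discovered on the port, so a service on a
    non-standard port still matches, and a closed port never does.
    """
    exposed = set(target.services.values())
    return [
        e for e in catalog
        if e.os == target.os
        and e.service in exposed
        and not (exclude_may_crash and e.may_crash)
        and not (exclude_slow and e.slow)
    ]


def attack(target, exploits, launch, stop_on_first_agent=True):
    """Run exploits in order; launch(target, exploit) returns True if an Agent deployed.

    Returns (names tried, name of the exploit that deployed the Agent or None).
    """
    tried, agent_via = [], None
    for e in exploits:
        tried.append(e.name)
        if launch(target, e):
            agent_via = e.name
            if stop_on_first_agent:
                break
    return tried, agent_via


# Constructed fingerprint from Information Gathering, and a simulated
# launcher in which only smb_remote_b "succeeds".
WIN_HOST = Target("10.0.0.5", "windows", {445: "smb", 3389: "rdp"})
LINUX_HOST = Target("10.0.0.6", "linux", {22: "ssh", 8080: "http"})


def demo_launch(target, exploit):
    return exploit.name == "smb_remote_b"


if __name__ == "__main__":
    chosen = select_exploits(WIN_HOST, CATALOG, exclude_may_crash=False)
    print([e.name for e in chosen], attack(WIN_HOST, chosen, demo_launch))
```

With the default filters the crash-prone entry never reaches the target, which is the point of the exclusion option: on a production network the tester decides up front which risk is acceptable rather than finding out from a helpdesk ticket.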
Privilege Escalation
During the Privilege Escalation step, CORE IMPACT attempts to penetrate
deeper into a compromised computer by running local exploits in an attempt to
obtain administrative privileges. After Privilege Escalation, you can shift the
source Agent to one of the newly compromised systems and cycle back to the
initial Information Gathering step, thereby establishing a beachhead from which
to run attacks deeper into the network.
Key Capabilities
Run local exploits to attack systems internally, rather than from across the
network
Gain administrative privileges on compromised systems
View the networks to which a compromised computer is connected
Launch attacks from any compromised system to other computers on the
same network, gaining access to systems with increasing levels of security
Cleanup
The Cleanup step automatically uninstalls every connected Agent. Agents are
uninstalled in post-order so that complex Agent chains are torn down
correctly. In addition, all Agents are automatically uninstalled when the active
workspace is closed, regardless of whether the Cleanup step was executed.
Key Capabilities
Quickly and easily remove all Agents from compromised machines, leaving
your network and end-user systems in their original states
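Why post-order matters: each Agent in a chain was deployed through its parent, so the parent's channel is the only route to the child, and removing the parent first strands the child on the target. The following added example (not CORE IMPACT code; host names and the chain are constructed) models a chain of Agents and contrasts post-order teardown with the naive parent-first order.

```python
"""Added example (not CORE IMPACT code): post-order teardown of an Agent
chain.  Children are removed before the parent whose channel reaches them;
the naive parent-first order is shown to fail.  Host names are constructed."""


class Agent:
    """One deployed Agent; its children were deployed through its channel."""

    def __init__(self, host, parent=None):
        self.host, self.parent, self.children, self.installed = host, parent, [], True
        if parent is not None:
            parent.children.append(self)

    def reachable(self):
        """True only while every upstream Agent is still installed."""
        p = self.parent
        while p is not None:
            if not p.installed:
                return False
            p = p.parent
        return True

    def uninstall(self):
        if not self.reachable():
            raise RuntimeError(f"no route to {self.host}: an upstream Agent is already gone")
        self.installed = False


def build_demo_chain():
    """Constructed chain: dmz-web exploited from the console; app-srv and mail
    reached through dmz-web; db reached through app-srv."""
    dmz = Agent("dmz-web")
    app = Agent("app-srv", dmz)
    Agent("mail", dmz)
    Agent("db", app)
    return dmz


def cleanup(agent, order=None):
    """Post-order teardown (children first). Returns hosts in removal order."""
    order = [] if order is None else order
    for child in agent.children:
        cleanup(child, order)
    agent.uninstall()
    order.append(agent.host)
    return order


def naive_cleanup(agent):
    """Pre-order teardown for contrast: parent first, which strands its children."""
    agent.uninstall()
    for child in agent.children:
        naive_cleanup(child)


def demo_naive_failure():
    """Return the error the naive order raises (None if it unexpectedly succeeds)."""
    try:
        naive_cleanup(build_demo_chain())
    except RuntimeError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    print(cleanup(build_demo_chain()))
    print(demo_naive_failure())
```

A stranded in-memory Agent disappears at the next reboot, but until then it is an unaccounted-for process on a client's host, which is exactly the state a cleanup step exists to prevent.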
Report Generation
CORE IMPACT generates clear, informative reports that provide data about
targeted systems and applications, results of end-user penetration tests, audits of
all exploits performed, and details about proven vulnerabilities. You can view and
print reports using Crystal Reports or export them in popular formats such as
HTML, PDF and Microsoft Word.
Key Capabilities
Obtain actionable information about exploited vulnerabilities, compromised
end-user systems, web application weaknesses and associated risks
Create activity audits to satisfy compliance and regulatory requirements
Export report content in popular formats that can be easily customized and
shared