Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Core Impact

from [Security Professional] Network Security [Permanent Link]
Subject: Core Impact
Date: Thu, 23 Jun 2005 07:38:26 -0400 
Folks,

Thanks for all the comments regarding Core Impact.  I attended a demo
yesterday and I have to say...WOW!  The tool definitley is worth its
price if you ask me.  The fact that everything is written in Python
and fully customizable, allows for easy development of any zero day or
custom exploit.

I also found the deployable agent option to be a major plus.  Gone are
the days of uploading all your tools to a compromised vicitim,
worrying about being seen on that machine, or simply spending a few
hours installing a persistent call back.  The tool can deploy one of
two agents after a successful exploit.  One runs in memory as the
process you exploited, and the other has an option to set it up as a
persistent agent with call back functionality.  This to me is a huge
plus.  Also, the fact that you can easily use that compromised machine
as a pivot point to dig further is awesome.

All in all, I was blown away by the capability of this tool.  Now I
know why they ask for that much money to purchase it.  If one were
only looking at the point and click functionality, I can see being
disappointed in the number of exploits that come pre-packaged with
this tool.  But, if one wee to look at the FULL functionality of this
tool, and look past the simple point and click, you would see that
this tool is well beyond most things out there right now.

Again, thanks for the input.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: TFTP and XP_CMDSHELL - Weird, Jose Selvi
Next by Date:  Antwort: RE: generating a network map, c . ehlen
Previous by Thread:  Re: Core Impact, Christoph Puppe
Next by Thread:  nessus to PCI, ctodude
Indexes:  [Date] [Thread] [Top] [All Lists]