OS: Windows 2000 and Windows XP Home
: www.coresecurity.com/
Trial Version: 4.0.0.966
License: Commercial
Core Impact is a next-generation scanner to scan your home network with a plus ... ....
Today's market offers many commercial products to perform automated testing pen one in particular stands out for its ability to force the access to the system.
right, while other scanners are the vulnerability of a system and then draw up a report of bugs found, Core Impact violates your system, launching automatically various exploits.
Once installed the executable with administrator privileges, you are in front of a screen that asks us
whether to start a new project or load a previous one already on your system, if you choose to start a new one must provide a license and a password that uniquely identifies that project.
After this procedure there is a split screen in front of several windows, the very heart of the program.
The scan is divided into six phases:
1) Acquisition of information network (refers to several active hosts on the network)
2) attachment and penetration (selected the host we are interested in launching exploits based on vulnerabilities found)
3) Capture local information (OS, username currently active, active applications etc. .. .... ... etc..)
4) Violation of the privileges (based on local information, applications and services running and all the acquired under the points 1-2-3 launches climbing the highest privilege to ROOT)
5) Cancellation of the tracks (as in a real attack must erase its traces from the compromised system)
6) Generation of the report (last we have the report ready and beautiful with lots of graphics)
To launch the first step "Information Gathering" we have to do with the left mouse button click on it and start scanning the network to identify active hosts present.
Once you choose the selected target host proceed to Step 2 "Attack and Pentration" launches automatically various exploits based on the information acquired.
In step 3, "Local Information Gathering" will collect information from the local host target snatched initial scan and the attack itself. Step 4
"Privilege Escalation" trying to get full access of the system with Administrator privileges.
Step 5 "Clean Up" is like all computer attacks erase all trace of their activity and the various logs. The last step
6, "Report Generation "will draw up a report: a more complete and detailed summary and one more and then you can either save it as xml and html.
Core Impact is a very powerful and effective because it can always be updated on-line by increasing its already extensive database of exploits. Obviously
security administrators can not base their work on only one automated tool, but their skill and experience make the difference.
0 comments:
Post a Comment