Core Impact

From: Security Professional (redteamer@gmail.com)
Date: Thu Jun 23 2005 - 07:38:26 EDT


Folks,

Thanks for all the comments regarding Core Impact. I attended a demo
yesterday and I have to say...WOW! The tool definitley is worth its
price if you ask me. The fact that everything is written in Python
and fully customizable, allows for easy development of any zero day or
custom exploit.

I also found the deployable agent option to be a major plus. Gone are
the days of uploading all your tools to a compromised vicitim,
worrying about being seen on that machine, or simply spending a few
hours installing a persistent call back. The tool can deploy one of
two agents after a successful exploit. One runs in memory as the
process you exploited, and the other has an option to set it up as a
persistent agent with call back functionality. This to me is a huge
plus. Also, the fact that you can easily use that compromised machine
as a pivot point to dig further is awesome.

All in all, I was blown away by the capability of this tool. Now I
know why they ask for that much money to purchase it. If one were
only looking at the point and click functionality, I can see being
disappointed in the number of exploits that come pre-packaged with
this tool. But, if one wee to look at the FULL functionality of this
tool, and look past the simple point and click, you would see that
this tool is well beyond most things out there right now.

Again, thanks for the input.



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:29 EDT