Core Impact?

nnbnbSorry if this is in the wrong forum, wasn't 100% sure where to post it.

Has anyone here had a go with www.coresecurity.com/products/coreimpact/index.php ? Its an 'automated' pen test tool but there's no trial available.

I've read some reviews but was wondering whether anyone had any hands on experience with it?

Cheers

I disliked the tool completely. First and foremost, there is no way to 'automate' a penetration test. The exploit collection is sufficiently limited that you're about likely to use it maybe once in 50 assignments. Admitted they had exploits for new vulnerabilities fairly early, but not early enough to justify the cost of the tool.

I also found it rather unstable, it crashed often, and (as usual) most of the time, exploits did not pull through.


You'd be far far better off with the Metasploit Framework www.metasploit.org

Considering it is:
a) GNU GPL
b) It makes exploit creation very easy using PERL
c) Modifying exploits is trivial
d) New exploits are posted as Metasploit PERL modules (just the other day the Windows Message Queuing remote exploit was released as a metasploit module)
e) It's very easy to use
f) The exploits are *very* reliable
g) The exploits are not obscure


There you go.

Interesting... I just watched the webinar for Core Impact this morning and I was impressed with the ease of use.

I agree there's no way a full pen test can be automated but was looking to core impact to provide a cheap alternative to getting third party pen testers in, I realise the testing is in no way as comprehensive but was hoping it'd give more of an insight than no testing.

Sahirh by unstable do you mean it crashed locally or the targets? I've had metasploit for a while but it seems more geared towards linux / unix etc whereas our PCs are 99.9% windows based (unfortunately).

The core impact sales people tell me it has the ability to install agents on remote PCs by sending crafted emails to users. Once they open the email, if they're vulnerable impact installs a level0 agent and contacts the main console which in my case will be outside the firewall... very handy indeed if it is actually that easy.

I'm in two minds as to what to do, I just wish they had a trial version!

Cheers for the replies btw

If your not looking for a full penetration suite, but an excellent vulnerability scanner for windows check out GFI languard. I use it at my internship and it seems to keep well updated as well as easy to use(with the ability of remote vulnerability scanner agents as well). The good thing is that it comes with a trial! You can check it out here . Hope this helps.

Hey Gpod2,

For the price you're gonna pay for Core Impact, you could get yourself a properly done security assessment by professional hackers.

Contact me if you want more info.


Cheers mate,