Core Security Technologies, a Boston based provider of IT security testing and measurement solutions, today introduced the latest version of its automated penetration testing solution, CORE IMPACT Pro version 11.
CORE IMPACT Pro helps assess the security of web applications, network systems, endpoint systems, email users and wireless networks, allowing users to replicate cyber attacks and reveal critical exposures.
With the latest release the company added several new features, allowing customers to:
• Import web vulnerability scan results and validate them for exploitability
• Detect and exploit network router and switch vulnerabilities
• Exploit Persistent (or Stored) Cross-Site Scripting (XSS) vulnerabilities
• Exploit Cross-Site Scripting (XSS) vulnerabilities in Adobe Flash applications
• Reveal additional top web application vulnerabilities as defined by OWASP
• Replicate wireless Man-in-the-Middle (MiTM) attacks
• Leverage expanded client-side phishing capabilities
With IMPACT Pro v11 penetration testing software, organizations can now assess their exposure to attacks carried out against network devices. To help security teams extend their testing capabilities and learn whether their network devices are vulnerable to attacks, CORE IMPACT Pro v11 adds the following testing capabilities:
• Information gathering and fingerprinting: As a part of Network Information Gathering, IMPACT Pro will scan a range of IP addresses and return a list of discovered network devices as well as any identifying attributes (e.g., manufacturer, device/model, OS).
• Detection and exploitation of configuration vulnerabilities: In order to verify that access to a network device has been achieved, IMPACT Pro offers testers several non-aggressive techniques to verify access, including configuration retrieval, device renaming, password cracking, access list piercing, and interface monitoring.
“Network security devices can be areas of vulnerability exposure if not properly configured, managed and patched,” said Diana Kelley, principal analyst at SecurityCurve. “That’s why a robust penetration testing plan includes these assets. Organizations need to understand if network device vulnerabilities exist and if these vulnerabilities can lead to data theft or other forms of compromise.”
Additionally, the latest release of CORE IMPACT Pro adds integration with web application scanning tools such as IBM Rational AppScan and HP WebInspect. By feeding the results of their web application scans directly into IMPACT Pro, customers are now able to:
• Prove the exploitability of web application vulnerabilities, eliminating false positives, to both prioritize and inform remediation efforts to minimize the time and money spent on re-coding efforts.
• Leverage CORE IMPACT’s privilege escalation and pivoting capabilities to gain administrative access on web servers and leverage them as beachheads for additional attacks against backend network systems – just as an attacker would.
• Use scan results to identify pages (URLs) to penetration test, in addition to utilizing CORE IMPACT’s own page identification capabilities.
Testing for Persistent Cross-Site Scripting Vulnerabilities in Web Applications
In addition to empowering users with its existing Reflective XSS attack capabilities, IMPACT Pro v11 enables them to exploit Persistent (or Stored) XSS vulnerabilities. Persistent XSS is an insidious form of attack because it implants the vulnerable web application with malicious code, which subsequently runs against end user browsers that load the application. For instance, an attacker could target a vulnerable blog by adding a comment containing exploit script. As end users view the blog in their browsers, the script would run against their systems. Since Persistent XSS doesn’t require phishing to target end users, it can affect a larger population in a much more subversive way.
Testing for Cross-Site Scripting Vulnerabilities in Adobe Flash Objects
Cross-Site Scripting (XSS) detection and exploitation for Adobe Flash objects is new for IMPACT Pro and extends the capabilities of the web application test vector by targeting dynamic Flash content in addition to static HTML applications.
Other improvements to the product’s web applications capabilities include enhanced web page crawling (i.e., to identify potential targets); additional web application firewall (WAF) evasion; and scheduling of web application tests – as well as new testing capabilities that provide additional coverage for the following OWASP top web applications risks:
• A3: Broken Authentication and Session Management
• A6: Security Misconfiguration
• A8: Failure to Restrict URL Access
With v11, CORE IMPACT Pro now provides penetration testing capabilities that address seven of the OWASP top 10 web applications risks (A1, A2, A3, A4, A6, A8 and A9).
New wireless MiTM testing capabilities in CORE IMPACT Pro v11 allow organizations to test their resiliency in several ways, notably by empowering testers to establish an imposter wireless access point and then launch tests against any systems that subsequently connect. Once a system connects to the access point, the tester is able to target it with IMPACT penetration tests and take the same steps an attacker would, including:
• Attempting to harvest usernames and passwords from wireless traffic or from endpoint systems connected to the IMPACT access point
• Inserting exploits into traffic sent and received by the connected machines
• Fingerprinting the machine
• Launching OS, services and application exploits
Once the connecting system is exploited, the user can leverage CORE IMPACT’s network testing capabilities to reveal and follow attack paths across other systems on the same network – allowing them to not only demonstrate how easily MiTM attacks compromise unsecured WiFi networks and clients, but also how far an attacker could proceed after the initial compromise.
With social engineering becoming an increasingly central aspect of today’s Advanced Persistent Threats (APTs), more Core Security customers than ever before are availing themselves of the product’s client-side testing capabilities. In IMPACT Pro v11, client-side assessments are even more useful and efficient, with the addition of new social engineering attack automation features, including:
• Information gathering enhancements that enable testers to find emails and other sensitive information in files posted to web sites.
• The ability for users to impersonate legitimate web forms with phishing “traps” to identify potential data leakage issues resulting from email recipients who click through to malicious forms.
More information is available at http://www.coresecurity.com/content/core-impact-overview
