Core Impact Library

Core Impact Training and Help

Core Security have some excellent content and services, most of which are available from their web site, from Core Impact Training, to Core Impact documentation, to Core Impact videos, all arranged in ways that make sense for them, not necessarily to you.

Here we bring everything Core Impact related together in one place, hopefully organised in a way that makes sense to you.

Quick Links

Core Impact Support

With your subscription you get upgrades to the platform, updated exploits, and access to the Support team.

The Support team can be contacted in the following ways:

Note that you will need to register for the support portal before you use it and that a human reviews the application so it takes a few hours.  It is suggested that you register for the support before you need access.

You will also find copies of useful product documents here, and sample report outputs here.

Version Release and Roadmap Materials

When Core release new versions of Impact they often release a video showing the new features at the same time.  They also deliver a roadmap session on a regular basis explaining what is coming up in the near and medium future.

Core have all the materials from 2020 on, held on their web site https://www.coresecurity.com/support/training/core-impact/20-3.

Core Impact Training

Core don’t offer classroom learning or the CICP (Core Impact Certified Professional) training anymore, everything has moved on-line.  When you view much of the new content it will be branded “Core Impact Certified Professional” because it is the same content, it is just free now.

The following are a great start to get you going on the product based on the different attack vectors.

NameCommentLink
Network AttacksShows the general process for performing a network penetration test.https://youtu.be/rc6Awx0FmFY
Web Application AttacksShows the general process for performing a web application penetration test.https://youtu.be/0HqLbT6yCAY
Client Side AttacksNote: this area of the product we heavily revised and the 2018.1 release webinar covers this area better.

Shows the general process for performing phishing attacks.
https://youtu.be/J96AFnXWhF4
WiFi AttacksShow how to use the 2 different hardware devices that are supported to perform network attacks.https://youtu.be/tvG-j5aqBSA

Video Tutorials

Over the years a number of videos have been put together that will take you through different areas of the product.  Once built the functionality rarely changes ,so even the old videos still have great value.  As the owners of Core changed through the years the branding changed on the videos but we have most of them here.

Getting Started

The following “Getting Started” guides dive into specific areas of the product, and are in no particular order.

NameCommentLink
Getting Started with Core Impact Agent PersistenceThis video demonstrates how to make an agent persistent in Core Impact. Persistent agents can reconnect if the connection is reset, making them especially valuable for longer duration testing.https://youtu.be/DjLs7W6XEWs
Getting Started with Core Impact Using ModulesIn this video, you’ll learn how to take more direct control of your pen testing using the modules function in Core Impact.https://youtu.be/HyreIJaeiEM
Getting Started with Core Impact ReportingCore Impact provides a wide variety of reports which are simple to generate.This video covers how to generate reports using the rapid penetration test (RPT) method in Core Impact, the variety of reports available, and how to customize reports.https://youtu.be/YBXioOJpbig
Getting Started with Core Impact TeamingIn this module, we’ll show you how to create, join, and use a teaming session in Core Impact.
https://youtu.be/ik5vaynpgIA
Getting Started with Core Impact Workspace ManagementCore Impact workspaces organize information surrounding a single, self-contained pen test or vulnerability management engagement. Since Core Impact allows you to work with multiple workspaces, this video is designed to share some helpful workspace management techniques.https://youtu.be/TEMa7kWa4BY
Getting Started with Core Impact Generating AgentsThis video discusses how to generate powerful agents in the form that is most useful to your specific pen test. Most of the power is exposed through a single module: the package and register agent module.https://youtu.be/0yg1RBeVjto
Getting Started with Core Impact Intro to the GUIThis video provides an introduction the Core Impact’s graphic user interface (GUI) to help you quickly navigate and save time with your pen tests.https://youtu.be/jQWmRrgDTyI

Advanced Techniques

More detail on some subject, again in no particular order.

NameCommentLink
Core Impact Advanced Technique Agent Process InjectionThis video demonstrates how to inject a Core Impact agent in a process on the host box. Steps include:

– Understanding what process are running
– Determining what process to inject an agent into
– Injecting the agent
– Verifying agent was successfully injected
https://youtu.be/rDqy0qIuLL4
Core Impact Advanced Technique Restful API UtilizationCore Impact’s automation API is a restful API to use to control Core Impact and initiate scans and other automatic exploitation activities. This video demonstrations how to setup the API and use it through the documentation interface.https://youtu.be/FfbWh5Cw8ww
Core Impact Advanced Technique Windows Secret DumpDemonstrates how to use the Core Impact Windows Secrets Dump module and CloudCyper to gather and crack hashes.https://youtu.be/mb4thfSD95o
Core Impact Advanced Technique Golden TicketA Golden Ticket is when an attacker successfully obtains access to an entire domain. An attacker can often regain privileges after remediation using undetected scripts, making these types of attacks incredibly difficult to clean up.

Testing your network yourself is a great way to prevent attackers getting such a strong foothold in your network. This video demonstrates how to safely conduct a Golden Ticket attack in Core Impact using PowerShell Empire and Core Impact agents.
https://youtu.be/xvuhPQ19X4Y

Core Impact Tips And Tricks, from S4

These videos were put together by a number of different team members within Core and cover off different, more advanced areas of the product.
NameCommentLink
6 steps to running a pen testStart watching now to hear from Andy Nickel and learn the six fundamental steps of running a network penetration test.https://youtu.be/tMJo9iG5QhY
Understanding Agent TypesUnderstanding Agent Types in Core Impact: Discover the Pros + Cons

In this webinar, Matt Ducoffe will explain the usage and benefits of temporal agents to customers who traditionally like to run campaigns and make agents persistent. He will also explain the different settings and types of agents available to Impact users for best practices.
https://youtu.be/Ou2ItmqVJvI
Lazy Pen-Tester Tips and TricksDoes the thought of having to spin up single engagement items like infrastructure, domains, and certificates fill you with dread? If so, we’ve got some good news. In this webinar, we’ll show you how you can leverage Impact’s scripting capabilities to build custom setup workflows to make your engagements go more smoothly and efficiently.https://youtu.be/u725TX_hnhM
Customizable Reports with Core ImpactLearn how to use the customizable reports functionality available in Core Impact. With this you will be able to fully customize the spreadsheet by determining what you’d like to include, or exclude, in your report. This is very handy as a way to integrate Impact results directly with the tester process and reduce the required time to integrate findings with other tools or manual testing that may occur.https://youtu.be/LoXHszC55gg
Beyond the Initial Compromisehttps://youtu.be/yKYCjC2vRLM
Restricted environmentsIn this video an experienced pen-tester will walk users though cool features and unique ways to use Core Impact during testing, such as:
Demonstrating how to set up DNS channels for agent communicationsDownloading and running PowerShell scripts even when compromised devices do not have internet connectivity
How to utilize the agentless WMI testing capabilities to make your tests even more stealthy
And much more
https://youtu.be/IZRLWCOQGTM
Lateral movementLateral movement and credential capturehttps://youtu.be/reYVzX410Zc
License MoveRuns for about 1 minute but no sound. Shows a user “de-authorising” the Core Impact product and then “re-authorising” it. This is all done over the Internet (as this is what most people do) but it can be done via email / phone if needed. You will see the email & phone options in the wizards.https://youtu.be/dgVvC0A1x3k
Teaming DemoTeaming is where 2 or more people work on one pen-test.
The short video below shows how the Core Impact teaming functionality works. The “Teaming Server” has to be an unlimited license. The “Teaming Client” can be any size license.
https://youtu.be/aulJBOgt0dQ
DNS Channel & Temporal Agents with Core Impacthttps://youtu.be/TaBHCy54cmM
Better Pivoting = Better Pen Testinghttps://youtu.be/2WcaF8oLm6c
End to End Web Application Testinghttps://youtu.be/x0Ewo0phHrg
Agentless WMI Shellshttps://youtu.be/k1wrvodIPuE
Basic phishing and privilege escalation against windowshttps://youtu.be/AlIuxLjwtjw
Privilege EscalationImpact simplifies the often time consuming process of finding the right privilege escalation exploit by using the privilege escalation RPT.https://youtu.be/uetJkwNvV7s
Workspace ManagementCore Impact features powerful capabilities to group all data and logs associated with an engagement or project together in a Workspacehttps://youtu.be/lceq5zCIaHU
Quick Information ModuleCore Impact features thousands of distinct modules. Learn how to use the Quick Information display to get access to critical information for your penetration test.https://youtu.be/CgHL1HfoNog
Metasploit IntegrationCore Impact integrates with the Metasploit Framework to give you access to Metasploit’s network exploits. Learn how to install Metasploit, configure the integration and use ithttps://youtu.be/5e_Clw-VjfY
Local Information GatheringGetting an agent on the box is just the beginning. Learn how to use Core Impact’s local information gathering capabilities to develop intelligence on users, services, and networks available from compromised machines.https://youtu.be/aSWwpqzpcYE
Connection MethodsLearn the different methods of how Core Impact’s agents can communicate, when to use them, and more.https://youtu.be/JSyiQ_UU0Uk
Identity ManagerLearn how Core Impact makes it easy to collect, store, and use user credentials and identities.https://youtu.be/NKd0JizhMHQ
Clean UpLearn how you can quickly clean up deployed agents, as well as redeploy them if necessary.https://youtu.be/_F1SkvbnZ50
Agent PackingLearn about the flexible options Core Impact provides you for packaging and using our Agent payload.https://youtu.be/OsPd91rtxB0
Attack and Penetration TestLearn the basics of using Core Impact’s Attack and Penetration Rapid Pen Test functionality to quickly assess a host or network for easy to exploit vulnerabilities with minimal setup and effort.https://youtu.be/0QRvgIQRHBc
Best Practices for Effective Phishing CampaignsPhishing has been around almost as long as the Internet. While some attempts can be spotted a mile away, others have grown increasingly sophisticated. Even the best enterprise spam filters can’t catch every malicious communication. Unfortunately, a single careless click from an employee can have devastating consequences for the entire organization.

But what’s the best way to improve employee awareness?

Watch this webinar with Bobby Kuzma, Director of Strategy, Research, and Enablement, to learn how to prevent such attacks from damaging your organization by designing effective and enticing phishing simulations. Find out how to plan and deploy a successful test with expert advice on the process from start to finish, including:

-Utilizing the right tools
-Creating realistic emails and domains
-Gathering quantitative and qualitative results
-Follow up training
-Creating consistent retesting strategies
https://youtu.be/_e0uuoZP0Og
Setting up an External Pivot using Core ImpactInstalling an agent on AWS to test the outdies of your organisation.https://youtu.be/RVodolZBmsM
Password Spraying in Core Impact 1This video defines, discusses, and demonstrations how to conduct different types of password attacks in Core Impact, including brute force, dictionary, and password spraying.https://youtu.be/anj15qar27A

Core Impact Tips And Tricks from, Core Security

Core have also started to put content on their web site again on this page:
https://www.coresecurity.com/resources
.  This page includes everything that they have for all of their products. You can select the product of CTS -> Core Impact, or the following links are more useful: