Core Impact Certified Professional (CICP)


Core Impact Certified Professional (CICP)

Two Days

Course Overview:
This training helps participants get the most value from security assessments by combining in-depth product training with guidance on planning, promoting, conducting and reporting on highly targeted penetration tests.

Course Outline:
Getting Started with IMPACT

  • Welcome to the Dashboard
  • Configuration and Options
  • Reports

The IMPACT Interface

  • Welcome to the Console
  • Rapid Penetration Test (RPT) View / Modules View
  • Network, Client Side, and Web view
  • Executed Modules Pane
  • Module Output / Log / Parameters Pane
  • Quick Information Pane / Entity Properties Pane


  • OS Agents
    ƒ Memory Resident Agent, File Resident Agent, and Persistent Agent ƒ Connection Methods Available ƒ Pivoting ƒ Uninstalling
  • WebApps Agentsƒ SQL Agent, RFI Agent, XSS Agent and Web Browser Agent ƒ Uninstalling

Network Penetration Testing

  • What does IMPACT Need?
    ƒ On the Subject of Information Gathering ƒ How does IMPACT select exploits to attempt?
  • Rapid Penetration Test
    ƒ Network Information Gathering wizard ƒ Network Attack and Penetration wizard ƒ Local Information Gathering wizard ƒ Privilege Escalation wizard ƒ Clean Up wizard ƒ Network Report Generation wizard

Client Side Penetration Testing,

  • Rapid Penetration Test
    ƒ Client-side Information Gathering & Attack wizards ƒ Local Information Gathering & Privilege wizard ƒ Clean Up wizard
  • One-Step Client-side Vulnerability Test ƒ Scheduling
  • Using Individual Modules
    ƒ Conducting a Client-side Penetration Test using modules only ƒ Macros

WebApps Penetration Testing

  • What does IMPACT Need?
  • What is the outcome of finding an exploit?
    ƒ Understanding the threat of a SQLi , RFI . XSS exploit

Target Audience:
Delegates with IT background