Core Impact Certified Professional (CICP)
Duration:
Two Days
Course Overview:
This training helps participants get the most value from security assessments by combining in-depth product training with guidance on planning, promoting, conducting and reporting on highly targeted penetration tests.
Course Outline:
Getting Started with IMPACT
- Welcome to the Dashboard
- Configuration and Options
- Reports
The IMPACT Interface
- Welcome to the Console
- Rapid Penetration Test (RPT) View / Modules View
- Network, Client Side, and Web view
- Executed Modules Pane
- Module Output / Log / Parameters Pane
- Quick Information Pane / Entity Properties Pane
Agents
- OS Agents
Memory Resident Agent, File Resident Agent, and Persistent Agent Connection Methods Available Pivoting Uninstalling - WebApps Agents SQL Agent, RFI Agent, XSS Agent and Web Browser Agent Uninstalling
Network Penetration Testing
- What does IMPACT Need?
On the Subject of Information Gathering How does IMPACT select exploits to attempt? - Rapid Penetration Test
Network Information Gathering wizard Network Attack and Penetration wizard Local Information Gathering wizard Privilege Escalation wizard Clean Up wizard Network Report Generation wizard
Client Side Penetration Testing,
- Rapid Penetration Test
Client-side Information Gathering & Attack wizards Local Information Gathering & Privilege wizard Clean Up wizard - One-Step Client-side Vulnerability Test Scheduling
- Using Individual Modules
Conducting a Client-side Penetration Test using modules only Macros
WebApps Penetration Testing
- What does IMPACT Need?
- What is the outcome of finding an exploit?
Understanding the threat of a SQLi , RFI . XSS exploit
Target Audience:
Delegates with IT background