![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Today's free lunch was brought to me by Core Security Technologies. They have a rather interesting product, called CORE IMPACT...
It's like an enterprise-grade version of Metasploit. For $25k per year (one console, unlimited targets) you can scan your network and knock over any vulnerable systems. If you find one that's dual-homed, you can route the scan through that and 0wn whatever's on the other side, and so on, and so forth. Pretty cool if you want to actually show the boss how hard your security posture sucks (with appropriate get-out-of-jail-free letter, of course). And it's got a GUI. Drag-and-drop, Privilege Escalation Wizard, you name it.
The scary part: the vendor won't sell if they have a reason to believe that the customer is working for the Sopranos, but I'm sure you can grab this tool, pre-cracked, on eDonkey, and the Mob can certainly write their own. Yay for the forward progress of technology.
It's like an enterprise-grade version of Metasploit. For $25k per year (one console, unlimited targets) you can scan your network and knock over any vulnerable systems. If you find one that's dual-homed, you can route the scan through that and 0wn whatever's on the other side, and so on, and so forth. Pretty cool if you want to actually show the boss how hard your security posture sucks (with appropriate get-out-of-jail-free letter, of course). And it's got a GUI. Drag-and-drop, Privilege Escalation Wizard, you name it.
The scary part: the vendor won't sell if they have a reason to believe that the customer is working for the Sopranos, but I'm sure you can grab this tool, pre-cracked, on eDonkey, and the Mob can certainly write their own. Yay for the forward progress of technology.
