In both columns, I said that as good as these tools are, many commercial scanners are better. Last week, I had a chance to revisit that theory as I reviewed Core Security Technologies' Core Impact 5.1 (http://www.coresecurity.com/products/coreimpact/index.php) vulnerability scanner.

Created in 1996, Core Impact has been around a long time, and I have used this tool many times professionally to test networks and beta software. While it only installs on Windows platforms, Core Impact can scan Windows, Linux, Unix, and other related platforms. It contains hundreds of exploits and a good multipane window interface (see my blog for screen shots). Like many products, it has a click-once button for downloading new updates.

Core Impact's main screen looks almost too busy at first, but it isn't. It contains everything you need to do and outputs the results in just one screen, and you can customize the screen any way you like.

In fact, almost every facet of Core Impact is customizable, mostly by editing XML files. You can control what you see on-screen, what the default settings are, how helpful wizards interact with the end-user, what ports are scanned, and what information reports contain -- all by editing easy-to-read XML code. Exploits are written in Python, which is also readily customizable. Core Impact even comes with a nice user document for customizing and creating exploits.

All activities that the product executes are documented on-screen and in a log file in detail. Information about the penetration testing pathway, each activity, and each exploit is documented in enough detail that there shouldn't be any surprises. The level of documentation and detail is top-notch.