Core Impact
Core Impact is an enterprise penetration testing suite that is designed to automate exploitation during a test.
Obviously from the word "enterprise" we should all gather that it cost a lot of money and therefore "we" haven't been able to fully test it's feature set and capabilities although it does claim to have a wide array of functions and usage.
Some examples are testing not only applications but also network devices for publicly known vulnerabilities and some unknown but given out only under strict disclosure as an update once you have a service contract.
With IMPACT, you can:
* pinpoint exploitable OS and services vulnerabilities in network and endpoint systems
* measure end-user response to phishing, spear phishing, spam and other email threats
* test web application security and demonstrate the consequences of web-based attacks
* distinguish real threats from false positives to speed and simplify remediation efforts
* configure and test the effectiveness of IPS, IDS, firewalls and other defensive infrastructure
* confirm the security of system upgrades, modifications and patches
* establish and maintain an audit trail of your vulnerability management practices
* schedule tests to run automatically on a recurring basis