Attacks against enterprise client-side applications -- like browsers, instant messengers, media players, spreadsheets, and word processors -- have nearly replaced exploits against networks. Core's move is a reaction to the shift.
"Given the significant 'innovation' coming out of the hacking community, it's critical that the tools used to perform penetration testing are current and state of the art, [and] simulate new client-side attack vectors," said Mike Rothman, a security analyst with Security Incite, in a statement.
Impact 6's new framework, said Boston, Mass.-based Core, has been optimized for testing client-side applications. The testing suite includes other supportive enhancements, such as recording of contacts, e-mail addresses, and host information on workstations tested for client-side vulnerabilities.
Version 6 also adds support for Mac OS X to the existing list of Windows, Linux, Solaris, and OpenBSD.
The update is available now to all existing Impact customers at no charge.