Home

Immunity

Immunity

Immunity was founded in 2002 and evolved into a global leader in the assessment and penetration testing space. Immunity is known for its aggressive and real-world approach to assessments. Immunity has grown its unique technology offerings and consulting services based on customer demand.

Their 2 main products are Canvas and Silica-U.

Latest News:

  • May 2011:

For this month only, very special pricing on SILICA. Please contact us for a quote.

  • 2 May 2011:

Version 9.9 of Canvas VulnDisco Pack Professional has been released including 2 Opera exploirs.

  • 1 May 2011:

Canvas Exploitation Pack D2 1.40 has been released with 4 new exploits.

  • 20 April 2011:

Canvas exploit pack Agora 2.0 is now available with pretty nice coverage of widely deployed defense and web software! along with exploit for widely used RealNetworks RealGames activex. SCADA related modules have been moved from Agora to new SCADA+ pack!

  • 16 April 2011:

CANVAS 6.68 has been released introducing two new exploits for Windows.

  • 11 April 2011:

Canvas Exploitation Pack White Phosphorus 1.11 is now available with 65 new exploit modules bringing the total number of modules to 87.

  • 4 April 2011:

Canvas Exploitation Pack D2 1.39 has been released with 4 new exploits and one new tool.

  • 14 March 2011:

Canvas Exploitation Pack White Phosphorus 1.11 is now available with 6 new exploits.

  • 1 March 2011:

Canvas Exploitation Pack D2 1.38 has been released with 4 new exploits.

  • 27 February 2011:

CANVAS 6.67 has been released with two new exploits for the webkit CSS rule deletion vulnerability.

  • 25 February 2011:

Version 1.9 of Canvas exploit pack White Phosphorus has been released with 6 new exploit modules bringing the total number of modules in the pack to 76.

  • 8 February 2011:

Version 9.7 of Canvas VulnDisco Pack Professional has been released with 2 new modules.

  • 3 February 2011:

Version 1.23 of Canvas exploit pack Agora has been released with 3 new modules.

  • 1 February 2011:

Canvas Exploitation Pack D2 1.37 has been released with 4 new exploits and 1 new tool.

  • 25 January 2011:

Version 1.4 of Canvas exploit pack VOIPPACK has been released with Cisco and Trixbox / FreePBX support.

  • 21 January 2011:

Version 1.8 of Canvas exploit pack White Phosphorus has been released with 8 new exploit modules.

  • 19 January 2011:

CANVAS 6.66 has been released, introducing brand new dcerpc and smb libraries and updates to exploits using them.

  • 27 December 2010:

Version 1.22 of Canvas exploit pack Agora has been released with several modules for SCADA systems as well as Activex module and module to test latest D-link auth bypass.

  • 21 December 2010:

CANVAS 6.65 has been released with Immunity's powerful new exploit for android devices (the first of more to come), an exploit for Exim4 and Opera and, finally, their own module for the Microsoft EnableEUDC privilege escalation vulnerability.

  • 17 December2010:

Version 1.7 of Canvas exploit pack White Phosphorus has been released with 6 new exploit modules.

  • 24 November 2010:

CANVAS 6.64 has been released with support for seven new exploits, added Android Node for upcoming phone exploits and fixed bugs for callback creation and padding oracle library.

  • 17 November 2010:

Version 1.6 of Canvas exploit pack White Phosphorus has been released with 4 new exploit modules.

  • 8 November 2010:

Version 1.21 of Canvas exploit pack Agora has been released with 2 modules for SCADA systems and 2 web exploits.

  • 3 November 2010:

Canvas Exploitation Pack D2 1.34 has been released with 4 new exploits and 2 new tools.

  • October 2010:

Immunity have added 2 bundles to their offer: Canvas + D2 + White Phosphorus and Canvas + D2 + White Phosphorus + Nessus - Contact us for a quote!

  • 28 October 2010:

Version 1.20 of Canvas exploit pack Agora has been released with 3 new modules.

  • 20 October 2010:

CANVAS 6.63 has been released with support for four new exploits and getfileversion/get_installed_updates.

  • 11 October 2010:

Version 1.5 of Canvas exploit pack White Phosphorus has been released with 10 new exploit modules (including 5 0Day modules for various pdf viewers and toolkits).

  • 5 October 2010:

Canvas Exploitation Pack D2 1.33 has been released with 3 new exploits and 2 new tools.

  • 5 October 2010:

CANVAS 6.62 has been updated to 6.62.2, with the two unpatched Stuxnet privilege escalation vulnerabilitie.

  • 21 September 2010:

Version 1.19 of Canvas exploit pack Agora has been released with 4 new modules.

  • 17 September 2010:

Immunity is proud to announce that CANVAS 6.62 has been released with six new exploits and with added x64 support to the existing MS10_048 module.

  • 15 September 2010

Version 9.5 of Canvas exploit pack VulnDisco has been released with two exploits for Adobe Acrobat Reader.

  • 13 September 2010

Version 1.4 of Canvas exploit pack White Phosphorus has been released with 7 new exploit modules (including two for Apple QuickTime, and one each for Adobe Reader and Foxit Reader).

  • 1 September 2010

D2 Exploitation Pack 1.32 has been released with 4 new exploits and 1 new tool.

  • 24 August 2010

Version 1.18 of Canvas exploit pack Agora has been released with 5 new modules.

  • 18 August 2010

Immunity is proud to announce that CANVAS 6.61 has been released with 4 new modules and major improvements to the web application auditing code

  • 10 August 2010

Version 1.3 of Canvas exploit pack WhitePhosphorus has been released with 6 new exploit modules, including 1 0day (unpublished) exploits

  • 3 August 2010

Version 9.4.1 of Canvas exploit pack VulnDisco has been released with Apple Safari 5.0.1 exploit.

  • 2 August 2010

Version 9.4 of Canvas exploit pack VulnDisco has been released with 0day exploit for Adobe Reader 9.3.3.

  • 27 July 2010

D2 Exploitation Pack 1.31 has been released with 3 new exploits and 2 new tools.

  • 20 July 2010

Version 1.17 of Canvas exploit pack Agora has been released with 4 new modules.

  • 19 July 2010

Immunity is proud to announce that CANVAS 6.60 has been released - This version of CANVAS includes the FCKEditor exploit, and updates to 64-bit Windows and the included Kernel Rootkit.

  • 16 July 2010

Vulndisco 9.3 has been released with 5 Oracle tools and 2 0day exploits.

  • 2 July 2010

Version 1.2 of the White Phosphorus exploit pack is now ready, and contains 11 new exploit modules, including 2 0day (unpublished) modules.

  • 1 July 2010

D2 Exploitation Pack 1.30 has been released with 3 new exploits and 1 new tool.

  • 21 June 2010

mmunity is proud to announce that CANVAS 6.59 has been released - This release includes an exploit for MS10-032 - something found only in CANVAS! D2 Exploitation Pack 1.29 has been released earlier this month with 3 new exploits and 1 new tool.

  • 23 May 2010

Immunity have released CANVAS version 6.58, including better client-side exploitation, universal listeners, and of course, more exploits. Exploitation packs VulnDisco 9.2 with new tools and exploits, D2 1.8 with 3 new tools and 3 new exploits, and Agora 1.15 with 3 new modules were also released earlier this month.

  • 7 April 2010

Immunity is proud to announce CANVAS version 6.57, which includes better reporting, a fully PTY shell, a multi-language ie_peers exploit which defeats DEP, a Javascript obfuscation library, and more.
Check here for more.

  • 2 March 2010

Immunity is proud to announce CANVAS version 6.56, which includes vastly improved support for non-English Windows versions.
Check here for more.

  • 9 February 2010

Immunity CANVAS 6.55. This release includes NTVDM and the Aurora IE exploit for Windows 7 - the only public Windows 7 Aurora exploit available including Immunity's proprietary Flash-JIT-Spray technology. Also included is an automated test framework, an exploit for NGINX, and other enhancements.
Check here for more.

  • 11 January 2010

Immunity is pleased to announce the release of CANVAS 6.54. This release includes exploits for the Acrobat DocMedia.newplayer vulnerability (CVE-2009-4324). CANVAS Professional 6.54 also includes full MOSDEF support for 64bit Windows platforms, automated PHP SafeMode bypassing, and massive client side reliability and reporting improvements.
Check here for more.

  • 06 December 2009

Immunity is pleased to announce the release of CANVAS 6.53. This release includes exploits for the recent Sun Java and Microsoft .Net client-side vulnerabilities. Each of the exploits included inside CANVAS is highly reliable, and allows for use of CANVAS's HTTP tunneling shellcode, which bypasses protective measures such as authenticating firewalls..
Check here for more.