Intrigue-core - Framework for Automated Attack Surface Discovery

Intrigue-core is a framework for attack .

There are a number of use cases:

  • Application and Infrastructure (Asset) Discovery
  • Security Research and Vulnerability Discovery
  • Malware Campaign Research & Indicator Enrichment
  • Exploratory OSINT Research

Setting Up a Development Environment

Follow the appropriate setup guide:

Now that you have a working environment, browse to the web interface.

Configuring The System

Many modules require API keys. To set them up, browse to the “Configure” tab and click on the name of the module. You will be taken to the relevant signup page where you can provide an API key.

Intrigue-core is built API-first, allowing all functions in the UI to be easily automated. The following methods for automation are provided.

API usage via core-cli:

A command line utility has been added for convenience, core-cli.

List all available tasks:

$ bundle exec ./core-cli.rb list

Start a task:

$ bundle exec ./core-cli.rb background Default dns_brute_sub DnsRecord#intrigue.io 1
Got entity: {"type"=>"DnsRecord", "name"=>"intrigue.io", "details"=>
{"name"=>"intrigue.io"}}
Task Result: {"result_id":66103}

API usage via curl:

You can use curl to drive the framework. See the example below:

$ curl -s -X POST -H "Content-Type: application/json" -d '{ "task": "example", 
"entity": { "type": "String", "attributes": { "name": "8.8.8.8" } }, 
"options": {} }' http://127.0.0.1:7777/results



Source link

thanks you RSS link
( http://feedproxy.google.com/~r/EffectHacking/~3/1W5kR-iWnOU/intrigue-core-framework.html)

LEAVE A REPLY

Please enter your comment!
Please enter your name here