
README.md

Welcome!

Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases:

  • Application and Infrastructure (Asset) Discovery
  • Security Research and Vulnerability Discovery
  • Malware Campaign Research & Indicator Enrichment
  • Exploratory OSINT Research

If you'd like assistance getting started or have development-related questions, feel free to join us in the chat.

Users

If you just want to get started and play around with an instance, have a look at the Getting Started Guide.

Developers

To get started setting up a development environment, follow the instructions below!

Setting up a development environment

Follow the appropriate setup guide:

Now that you have a working environment, browse to the web interface.

Using the web interface

To use the web interface, browse to http://127.0.0.1:7777. Once you're able to connect, you can follow the instructions here: http://intrigue.io/up-and-running/

Configuring the system

Many tasks work via external APIs and thus require configuration of keys. To set them up, browse to the "Configure" tab and click on the name of the module. You will be taken to the relevant signup page where you can provision an API key. These keys are ultimately stored in the file: config/config.json.

The API

Intrigue-core is built API-first, allowing all functions in the UI to be easily automated. The following methods for automation are provided.

API usage via core-cli

A command-line utility, core-cli, is included for convenience.

List all available tasks:

$ bundle exec ./core-cli.rb list

Start a task:

## core-cli.rb start [Project Name] [Task] [Type#Entity] [Depth] [Option1=Value1#...#...] [Handlers] [Strategy Name] [Auto Enrich]
$ bundle exec ./core-cli.rb start new_project create_entity DnsRecord#intrigue.io 3
Got entity: {"type"=>"DnsRecord", "name"=>"intrigue.io", "details"=>{"name"=>"intrigue.io"}}
Task Result: {"result_id":66103}

API usage via curl

You can use curl to drive the framework. See the example below:

$ curl -s -X POST -H "Content-Type: application/json" -d '{ "task": "create_entity", "entity": { "type": "DnsRecord", "attributes": { "name": "intrigue.io" } }, "options": {} }' http://127.0.0.1:7777/results
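
The same request from Ruby using only the standard library, as an added example (not code from the project or its api_client gem). The helper names and the `--submit` switch are assumptions; the endpoint and JSON body are the ones in the curl command above, and the entity is written in core-cli's Type#Entity form.

```ruby
require "json"
require "net/http"
require "uri"

# Base URL from the README; the instance listens on loopback.
BASE_URL = "http://127.0.0.1:7777"

# Split a core-cli style "Type#Name" spec (e.g. "DnsRecord#intrigue.io").
# Only the first "#" separates the type, so names containing "#" survive.
def parse_entity_spec(spec)
  type, name = spec.to_s.split("#", 2)
  if type.nil? || type.empty? || name.nil? || name.empty?
    raise ArgumentError, "expected Type#Name, got #{spec.inspect}"
  end
  { "type" => type, "attributes" => { "name" => name } }
end

# Build the JSON body used in the README's curl example.
def build_task_request(task, entity_spec, options = {})
  raise ArgumentError, "task name required" if task.to_s.strip.empty?
  { "task" => task, "entity" => parse_entity_spec(entity_spec), "options" => options }
end

# POST the request to /results and return [status_code, body].
def submit_task(request, base_url = BASE_URL)
  uri = URI.join(base_url, "/results")
  http = Net::HTTP.new(uri.host, uri.port)
  http.open_timeout = 5
  http.read_timeout = 30
  post = Net::HTTP::Post.new(uri.path, "Content-Type" => "application/json")
  post.body = JSON.generate(request)
  response = http.request(post)
  [response.code.to_i, response.body]
rescue SystemCallError, Net::OpenTimeout, Net::ReadTimeout => e
  raise "cannot reach #{base_url}: #{e.class}"
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input matching the README examples.
  request = build_task_request("create_entity", "DnsRecord#intrigue.io")
  puts JSON.pretty_generate(request)
  # Only contact the instance when explicitly asked to.
  if ARGV.first == "--submit"
    status, body = submit_task(request)
    puts "HTTP #{status}: #{body}"
  end
end
```

Run without arguments to print the request body; pass `--submit` to send it to a running instance.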

API Client (Ruby Gem)

A Ruby gem is provided for your convenience.