intrigue-core: Discover your attack surface

intrigue-core

Intrigue-core is a framework for external attack surface discovery and automated OSINT. There are a number of use cases:

• Application and Infrastructure (Asset) Discovery
• Security Research and Vulnerability Discovery
• Malware Campaign Research & Indicator Enrichment
• Exploratory OSINT Research

Intrigue makes it easy to discover information about organizations connected to the Internet. Intrigue utilizes flexible and scriptable tasks to gather OSINT and create new entities. Each discovered entity can be used to discover more information, either automatically or manually, allowing you to quickly gather many relevant data points.

The following features are supported:

• Friendly web-based user interface
  • Configure settings and api keys for individual tasks
  • Run tasks, and gather/download results
  • Iterate on findings with both manual and automated discovery
  • Search, manage and download results
  • Visualize results with built-in graphing
• Powerful Command Line Interface
  • Create entities, execute tasks and gather results
• API-first design
  • Create and delete entities via the API
  • Execute tasks via the API
  • Pull results from the API
  • Provided Ruby SDK & Client
• Over 60 built-in tasks
  • DNS Subdomain Bruteforce
  • Email Harvesting
  • IP Geolocation
  • Port Scanning
  • Search databases such as:
    • Censys
    • Shodan
    • Bing
  • and more….
• Built-in strategies for automation
  • Organizational Footprinting
• Built-in OSINT discovery-focused ontology
  • Over 30 built-in entity types
  • Easy to extend
• Result Handlers 
  • Push task, scan or project results to…
    • Local files: CSV, JSON
    • Amazon S3
    • ElasticSearch
    • Couchbase
    • Webhooks
• Automated Entity Enrichment
  • Build simple workflows such as…
    • Enter a URI and have it automatically fingerprinted and a screenshot taken
    • Enter a Domain and it will be looked up, with all records stored
    • Enter an FTP server and it’ll be enumerated
  • Automated correlation of related entities

Install & Use

Copyright (c) 2015-2021, Mandiant Corporation All rights reserved.