Intrigue makes it easy to discover information about attack surface connected to the Internet. Intrigue utilizes common sources of OSINT via “tasks” to create “entities”. Each discovered entity can be used to discover more information, either automatically or manually.

The following following features are supported:

  • Friendly web-based user interface
    • Configure settings and api keys for individual tasks
    • Run tasks, and gather / download results
    • Iterate on findings with both manual and automated discovery
    • Search, manage and download results
    • Visualize results with built-in graphing
  • Powerful Command Line Interface
    • Create entities, execute tasks and gather results
  • API-first design
    • Create and delete entities via the API
    • Execute tasks via the API
    • Pull results from the API
    • Provided Ruby SDK & Client
  • Over 60 built-in tasks
  • Built-in strategies for automation
  • Built-in OSINT discovery-focused ontology
  • Result Handlers 
    • Push task, scan or project results to…
      • Local files: CSV, JSON
      • Amazon S3
      • ElasticSearch
      • Couchbase
      • Webhooks
  • Automated Entity Enrichment
    • Build workflows such as…
      • Enter a URI and have it automatically fingerprinted and screenshotted
      • Enter a DnsRecord and it will be looked up, with all records stored
      • Enter a FTP server and it’ll be enumerated
    • Automated correlation of related entities


Ready to go!? Follow the getting started guide!