Intrigue Core is a scriptable engine that uses automation scripts (tasks) to discover interesting things (entities) … enabling asset and vulnerability on a scale never before possible.

Each discovered entity can be iterated upon, with a task, to discover more entities and/or vulnerabilities & misconfigurations (called “issues” in our terminology).

The engine can be used manually (“human in the loop”) or automatically via a “machine” which tells the engines which tasks can be run on a given entity.

Key features of the engine are listed below:

  • Friendly web-based user interface
    • Configure settings and api keys for individual tasks
    • Run tasks, and gather / download results
    • Iterate on findings with both manual and automated discovery
    • Search, manage and download results
    • Analysis views to dig into discovered entities
    • Visualize results with built-in graphing
  • Command Line Interface
    • Import entities, execute tasks and gather results
  • Powerful API
    • Create and delete entities, execute automation tasks, Pull results and much more!
    • Provided Ruby SDK & Client
  • Over 130 Built-In Discovery Tasks
  • Application and Service Fingerprinting
  • Vulnerability and Misconfiguration Discovery (Over 50 checks!)
    • Check for vulnerabilities such as Apache Struts (CVE-2017-5638)
    • Bluekeep (CVE-2019-0708)
  • Built-in OSINT ontology
  • Result Handling and Notifications 
    • Push task, scan or project results to
      • Local files: CSV, JSON,
      • Remote APIs: Amazon S3, ElasticSearch, Webhooks
    • Get notified when tasks complete or issues
  • Automated Entity Enrichment
    • Build simple workflows such as…
      • Enter a URI and have it automatically fingerprinted & screenshotted
      • Enter a Domain and it will be looked up, with all records stored
      • Enter a FTP server and it’ll be enumerated
    • Automated correlation of related entities

Ready to go!? Follow the getting started guide!