Intrigue Core is an asset discovery and attack surface enumeration engine that integrates and orchestrates a wide variety of OSINT and commercial sources, combining these sources with powerful graph analysis techniques to help illuminate details about assets and exposures .
It’s designed for security professionals in both offensive and defensive use cases. The core engine is built in Ruby and implements core concepts such as tasks, entities, and machines. The framework is highly flexible and can be used in a variety of use cases – entirely via API.
The core use case, discovery of assets and exposures, works by allowing the user to create a project, and feed a set of seed entities into the project, and then allowing them to start a Machine which utilizes Tasks to find Entities (assets, applications, and systems) related to the seeds (and their owners), pulling information and combining it from every available and configured source.
Once entities are discovered, we must analyze them to know what they are and how to process them. Intrigue Ident is the application and service fingerprinting library that powers this analysis process within Intrigue Core. It can also be used in standalone mode. For more information on Ident, see: Using Intrigue Ident for Application Fingerprinting
Intrigue Core also powers the intelligence behind Intrigue.io.
For more information, see our features page.