Key features of the engine are listed below:

  • Friendly web-based user interface with support for Workflows
    • Configure settings and api keys for individual tasks
    • Run one-off tasks, or kick off an entire automated workflow with ease
    • Iterate on findings with both manual and automated discovery
    • Analysis views to dig into discovered entities
    • Search, manage and download results for offline analysis
    • Visualize results with built-in graphing
  • Over 200 Built-In Integrations and Discovery Techniques
  • Vulnerability and Misconfiguration Discovery (Over 75 unique checks!)
    • Check for vulnerabilities such as Apache Struts (CVE-2017-5638)
    • Bluekeep (CVE-2019-0708)
  • Powerful Application and Service Fingerprinting
    • Identify unique enterprise software with over 1000 checks
  • Built-in Entity Model to help users make sense of data
    • Over 30 built-in entity types
    • Use cases such as Organizational Asset Discovery, Threat Intelligence, and Network Scanning
    • Easy to extend to new use cases
  • Result Handling, Integrations & Notifications 
    • Push task, scan or project results to
      • Local files: CSV, JSON
      • Remote APIs: Amazon S3, ElasticSearch, Webhooks
    • Get notified when tasks complete or issues are created
  • Automated Workflows and Entity Enrichment
    • Build simple workflows such as…
      • Enter a URI and have it automatically fingerprinted & screenshoted
      • Enter a Domain and it will be looked up, with all related records stored
      • Enter a FTP server and it’ll be enumerated
    • Automated correlation of related entities
  • Powerful HTTP REST API Create and delete entities, execute automation tasks, Pull results and much more!
  • Command Line Interface Import entities, execute tasks and gather results

Ready to go!? Follow the getting started guide!