Key features of the engine are listed below:
- Friendly web-based user interface
- Configure settings and api keys for individual tasks
- Run one-off tasks, or kick off an entire automated workflow with ease
- Iterate on findings with both manual and automated discovery
- Analysis views to dig into discovered entities
- Search, manage and download results for offline analysis
- Visualize results with built-in graphing
- Over 200 Built-In Integrations and Discovery Techniques
- IP Geolocation
- Gitrob
- Port Scanning
- Search asset databases such as:
- Binary Edge
- Censys
- Rapid7 Opendata
- Security Trails
- Shodan
- Vulnerability and Misconfiguration Discovery (Over 150 unique checks!)
- Check for vulnerabilities such as Apache Struts (CVE-2017-5638)
- BlueKeep (CVE-2019-0708)
- Powerful Application and Service Fingerprinting
- Identify unique enterprise software with over 1000 checks
- Built-in Asset Model to help users make sense of data
- Over 30 built-in entity types
- Use cases such as External Asset Discovery, Threat Intelligence, and Internal Network Scanning
- Simple to extend to new use cases
- Result Handling, Integrations & Notifications
- Push task, scan or project results to
- Local files: CSV, JSON
- Remote APIs: Amazon S3, ElasticSearch, WebHooks
- Get notified when tasks complete or issues are created
- Push task, scan or project results to
- Automated Workflows and Entity Enrichment
- Build simple workflows such as…
- Enter a URI and have it automatically checked for vulnerabilities
- Enter a Domain, grab whois info and search for subdomains
- Enter a FTP server and download any files
- Automated correlation of related entities
- Build simple workflows such as…
- Powerful HTTP REST API Create and delete entities, execute automation tasks, Pull results and much more!
- Command Line Interface Import entities, execute tasks and gather results
Ready to go!? Follow the getting started guide!