Features

Key features of the engine are listed below:

• Friendly web-based user interface
  • Configure settings and api keys for individual tasks
  • Run one-off tasks, or kick off an entire automated workflow with ease
  • Iterate on findings with both manual and automated discovery
  • Analysis views to dig into discovered entities
  • Search, manage and download results for offline analysis
  • Visualize results with built-in graphing
• Over 200 Built-In Integrations and Discovery Techniques
  • DNS Subdomain Bruteforce
  • IP Geolocation
  • Gitrob
  • Port Scanning
  • Search asset databases such as:
    • Binary Edge
    • Censys
    • Rapid7 Opendata
    • Security Trails
    • Shodan
  • and more….
• Vulnerability and Misconfiguration Discovery (Over 150 unique checks!)
  • Check for vulnerabilities such as Apache Struts (CVE-2017-5638)
  • BlueKeep (CVE-2019-0708)
• Powerful Application and Service Fingerprinting
  • Identify unique enterprise software with over 1000 checks
• Built-in Asset Model to help users make sense of data
  • Over 30 built-in entity types
  • Use cases such as External Asset Discovery, Threat Intelligence, and Internal Network Scanning
  • Simple to extend to new use cases
• Result Handling, Integrations & Notifications 
  • Push task, scan or project results to
    • Local files: CSV, JSON
    • Remote APIs: Amazon S3, ElasticSearch, WebHooks
  • Get notified when tasks complete or issues are created
• Automated Workflows and Entity Enrichment
  • Build simple workflows such as…
    • Enter a URI and have it automatically checked for vulnerabilities
    • Enter a Domain, grab whois info and search for subdomains
    • Enter a FTP server and download any files
  • Automated correlation of related entities
• Powerful HTTP REST API Create and delete entities, execute automation tasks, Pull results and much more!
• Command Line Interface Import entities, execute tasks and gather results

Ready to go!? Follow the getting started guide!