In a recent episode of Rapid7’s podcast, Security Nation, we talked with Jonathan Cran, Head of Research at Kenna Security. Here’s what Jonathan had to say about his side project, Intrigue, and how security professionals are spending their time while on coronavirus lockdown.
Intrigue
Intrigue is a framework oriented toward discovering organizational attack surface and asset intelligence. Early in Jon's penetration testing career, he had the idea for Intrigue. At the time, the pen testers had automation platforms they could use, like Maltego, and they also often wrote their own scripts. But what was missing was a framework to wrap around all of the different OSINT tools.
The vision for Intrigue began with Jon’s idea about a data-driven OSINT platform, similar to Maltego but with the plugability and openness of the Metasploit Framework. From there, it evolved. Today, Intrigue uses over 130 different OSINT sources. Just plug in a domain and press a button, and you’ll get a graph built around an organization with all the pieces of attack surface that are interesting to attackers, such as applications, hosts, people, email addresses, and more—and automation makes it all simple.
It’s completely open,[ available on GitHub, and easy to deploy with Docker.
Application fingerprinting
In the early years of Intrigue, Jonathan was working alone, with others occasionally coming and going from the project. Recently, Intrigue has been somewhat commercialized, leading to a hosted version and a team of contractors working and helping to build fingerprinting.
The fingerprinting library, which is called Ident, is standalone and also open source. While many consider application ..
Support the originator by clicking the read the rest link below.
