Difference between revisions of "Kali Linux: Legion"

From OnnoWiki
Jump to navigation Jump to search
Line 7: Line 7:
 
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems.
 
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems.
  
FEATURES
+
==FITUR==
  
Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
+
* Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
+
* Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
+
* Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
Highly customizable stage scanning for ninja-like IPS evasion
+
* Highly customizable stage scanning for ninja-like IPS evasion
Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
+
* Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
Realtime autosaving of project results and tasks
+
* Realtime autosaving of project results and tasks
Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows
+
* Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows
  
  
 
   
 
   
NOTABLE CHANGES FROM SPARTA
+
==NOTABLE CHANGES FROM SPARTA==
  
Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries
+
* Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries
 
Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:
 
Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:
Task completion estimates
+
** Task completion estimates
1-Click scan lists of ips, hostnames and CIDR subnets
+
** 1-Click scan lists of ips, hostnames and CIDR subnets
Ability to purge results, rescan hosts and delete hosts
+
** Ability to purge results, rescan hosts and delete hosts
Granual NMAP scanning options
+
* Granual NMAP scanning options
Support for hostname resolution and scanning of vhosts/sni hosts
+
* Support for hostname resolution and scanning of vhosts/sni hosts
Revise process queuing and execution routines for increased app reliability and performance
+
* Revise process queuing and execution routines for increased app reliability and performance
Simplification of installation with dependency resolution and installation routines
+
* Simplification of installation with dependency resolution and installation routines
Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
+
* Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
Docker container deployment option
+
* Docker container deployment option
Supported by a highly active development team
+
* Supported by a highly active development team
DEMO
 
  
 +
==INSTALLATION==
  
INSTALLATION
+
===TRADITIONAL METHOD===
 
 
TRADITIONAL METHOD
 
  
 
Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal:
 
Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal:
Line 47: Line 45:
 
  sudo ./startLegion.sh
 
  sudo ./startLegion.sh
  
DOCKER METHOD
+
===DOCKER METHOD===
  
 
Assumes Docker and Xauthority are installed. Within Terminal:
 
Assumes Docker and Xauthority are installed. Within Terminal:

Revision as of 04:25, 3 August 2020

Sumber: https://kalilinuxtutorials.com/legion-penetration-testing/


WARNING: Legion menggunakan pip bukan pip3 jadi agak bermasalah di KALI 2020.2 ke atas.


Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems.

FITUR

  • Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
  • Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
  • Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
  • Highly customizable stage scanning for ninja-like IPS evasion
  • Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
  • Realtime autosaving of project results and tasks
  • Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows


NOTABLE CHANGES FROM SPARTA

  • Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries

Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:

    • Task completion estimates
    • 1-Click scan lists of ips, hostnames and CIDR subnets
    • Ability to purge results, rescan hosts and delete hosts
  • Granual NMAP scanning options
  • Support for hostname resolution and scanning of vhosts/sni hosts
  • Revise process queuing and execution routines for increased app reliability and performance
  • Simplification of installation with dependency resolution and installation routines
  • Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
  • Docker container deployment option
  • Supported by a highly active development team

INSTALLATION

TRADITIONAL METHOD

Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal:

git clone https://github.com/GoVanguard/legion.git
cd legion
sudo chmod +x startLegion.sh
sudo ./startLegion.sh

DOCKER METHOD

Assumes Docker and Xauthority are installed. Within Terminal:

git clone https://github.com/GoVanguard/legion.git
cd legion/docker
sudo chmod +x runIt.sh
sudo ./runIt.sh

Credit : GoVanguard





Referensi


Pranala Menarik