Difference between revisions of "Kali Linux: Legion"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 7: | Line 7: | ||
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. | Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. | ||
| − | + | ==FITUR== | |
| − | Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts) | + | * Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts) |
| − | Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts | + | * Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts |
| − | Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools | + | * Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools |
| − | Highly customizable stage scanning for ninja-like IPS evasion | + | * Highly customizable stage scanning for ninja-like IPS evasion |
| − | Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures) | + | * Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures) |
| − | Realtime autosaving of project results and tasks | + | * Realtime autosaving of project results and tasks |
| − | Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows | + | * Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows |
| − | NOTABLE CHANGES FROM SPARTA | + | ==NOTABLE CHANGES FROM SPARTA== |
| − | Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries | + | * Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries |
Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like: | Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like: | ||
| − | Task completion estimates | + | ** Task completion estimates |
| − | 1-Click scan lists of ips, hostnames and CIDR subnets | + | ** 1-Click scan lists of ips, hostnames and CIDR subnets |
| − | Ability to purge results, rescan hosts and delete hosts | + | ** Ability to purge results, rescan hosts and delete hosts |
| − | Granual NMAP scanning options | + | * Granual NMAP scanning options |
| − | Support for hostname resolution and scanning of vhosts/sni hosts | + | * Support for hostname resolution and scanning of vhosts/sni hosts |
| − | Revise process queuing and execution routines for increased app reliability and performance | + | * Revise process queuing and execution routines for increased app reliability and performance |
| − | Simplification of installation with dependency resolution and installation routines | + | * Simplification of installation with dependency resolution and installation routines |
| − | Realtime project autosaving so in the event some goes wrong, you will not loose any progress! | + | * Realtime project autosaving so in the event some goes wrong, you will not loose any progress! |
| − | Docker container deployment option | + | * Docker container deployment option |
| − | Supported by a highly active development team | + | * Supported by a highly active development team |
| − | |||
| + | ==INSTALLATION== | ||
| − | + | ===TRADITIONAL METHOD=== | |
| − | |||
| − | TRADITIONAL METHOD | ||
Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal: | Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal: | ||
| Line 47: | Line 45: | ||
sudo ./startLegion.sh | sudo ./startLegion.sh | ||
| − | DOCKER METHOD | + | ===DOCKER METHOD=== |
Assumes Docker and Xauthority are installed. Within Terminal: | Assumes Docker and Xauthority are installed. Within Terminal: | ||
Revision as of 04:25, 3 August 2020
Sumber: https://kalilinuxtutorials.com/legion-penetration-testing/
WARNING: Legion menggunakan pip bukan pip3 jadi agak bermasalah di KALI 2020.2 ke atas.
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems.
FITUR
- Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
- Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
- Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
- Highly customizable stage scanning for ninja-like IPS evasion
- Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
- Realtime autosaving of project results and tasks
- Also Read – Calculator : A simple Yet Powerful Calculator that Ships with Windows
NOTABLE CHANGES FROM SPARTA
- Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries
Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:
- Task completion estimates
- 1-Click scan lists of ips, hostnames and CIDR subnets
- Ability to purge results, rescan hosts and delete hosts
- Granual NMAP scanning options
- Support for hostname resolution and scanning of vhosts/sni hosts
- Revise process queuing and execution routines for increased app reliability and performance
- Simplification of installation with dependency resolution and installation routines
- Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
- Docker container deployment option
- Supported by a highly active development team
INSTALLATION
TRADITIONAL METHOD
Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal:
git clone https://github.com/GoVanguard/legion.git cd legion sudo chmod +x startLegion.sh sudo ./startLegion.sh
DOCKER METHOD
Assumes Docker and Xauthority are installed. Within Terminal:
git clone https://github.com/GoVanguard/legion.git cd legion/docker sudo chmod +x runIt.sh sudo ./runIt.sh
Credit : GoVanguard
Referensi