Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
Features
- Instinctive reconnaissance and scanning with NMAP, whatweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts).
- User-friendly GUI with rich context menus and panels that help pentesters quickly find and exploit attack vectors on hosts.
- Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools.
- Highly customizable stage scanning for ninja-like IPS evasion.
- Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures).
- Ties CVEs to exploits as detailed in Exploit-Database.
- Realtime autosaving of project results and tasks.
Installation
It is preferable to use the docker image over a traditional installation. This is because of all the dependency requirements and the complications that occur in environments which differ from a clean, non-default installation.
Installing in Docker
Linux with Local X11:
- Assumes Docker and X11 are installed and set up (including running docker commands as a non-root user).
- It is critical to follow all the instructions for running as a non-root user. Skipping any of them will result in complications getting docker to communicate with the X server.
Within Terminal:
Step 1: Download the Legion tool to your machine using the command below:
git clone https://github.com/GoVanguard/legion.git
Step 2: Now navigate to the Legion folder:
cd legion/docker
Step 3: Now navigate to the Docker folder to run the Legion tool in Docker mode (the command in Step 2 already takes you into legion/docker).
Step 4: Make the installation file executable as shown below:
chmod +x runIt.sh
Step 5: Run the installation file:
./runIt.sh
Linux with Remote X11:
- Assumes Docker and X11 are installed and set up.
- Replace X.X.X.X with the IP of the remote machine running X11.
Within Terminal:
git clone https://github.com/GoVanguard/legion.git
cd legion/docker
chmod +x runIt.sh
./runIt.sh X.X.X.X
To run the Legion tool in Docker mode, first set up Docker on Linux.
- To install the docker components typically needed and set up the environment for docker, run the following in a terminal:
sudo apt-get update
sudo apt-get install -y docker.io python-pip
sudo groupadd docker
pip install --user docker-compose
Set up Docker to allow non-root users:
- To enable non-root users to run docker commands, run the following in a terminal:
sudo usermod -aG docker $USER
sudo chmod 666 /var/run/docker.sock
sudo xhost +local:docker
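The `chmod 666` step above makes the Docker socket writable by every local account, and write access to that socket is equivalent to root on the host. The script below is an added example, not part of the Legion project, that reports whether the socket is world-writable and whether your user reaches it through group membership alone. The function names are this example's own, and it assumes the usual `ls -ld` output layout.

```shell
#!/bin/sh
# Added example (not from the Legion project): audit access to the Docker socket.
# Function names are this example's own; the socket path is the one used above.

# in_group USER GROUP: succeed if USER is a member of GROUP.
in_group() {
    id -nG "$1" 2>/dev/null | tr ' ' '\n' | grep -qx -- "$2"
}

# audit_docker_socket PATH [USER]
# Returns 0 if access is limited to owner/group, 1 if world-writable, 2 if missing.
audit_docker_socket() {
    sock=$1
    user=${2:-$(id -un 2>/dev/null)}
    if [ ! -e "$sock" ]; then
        echo "MISSING: $sock not found (is the Docker daemon installed and running?)"
        return 2
    fi
    # Field 1 of ls -ld is the mode string (e.g. srw-rw----), field 4 the group.
    perms=$(ls -ld "$sock" | awk '{print $1}')
    group=$(ls -ld "$sock" | awk '{print $4}')
    case $perms in
        ????????w*)   # 9th character is the write bit for "other"
            echo "FAIL: $sock is $perms; every local account can control the Docker daemon"
            return 1 ;;
    esac
    if in_group "$user" "$group"; then
        echo "OK: $sock is $perms; $user reaches it through group $group"
    else
        echo "OK: $sock is $perms; limited to owner and group $group ($user is not a member)"
    fi
    return 0
}

# Audit the path given on the command line, e.g.: sh audit.sh /var/run/docker.sock
if [ "$#" -gt 0 ]; then
    audit_docker_socket "$@"
fi
```

If it reports FAIL, `sudo chmod 660 /var/run/docker.sock` restores group-only access; the `docker` group membership added by `usermod` then grants access once you log out and back in.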
Traditional Installation
- Please use the docker image where possible! It's becoming very difficult to support all the various platforms and their own quirks.
- Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed.
Within Terminal:
git clone https://github.com/GoVanguard/legion.git
cd legion
pip install -r requirements.txt
sudo chmod +x startLegion.sh
sudo ./startLegion.sh