reddit hackernews mail facebook facebook linkedin


Aids in discovery, reconnaissance and exploitation of information systems.

Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible, and semi-automated network penetration testing framework that aids in discovery, reconnaissance, and exploitation of information systems. Legion is developed and maintained by GoVanguard.

- Automatic recon and scanning (with almost 100 auto-scheduled scripts).
- Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts.
- Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools.
- Multiple custom scan configurations ideal for testing different environments of various size and complexity.
- Highly customizable stage scanning for ninja-like IPS evasion.
- Automatic detection of CPEs and CVEs.
- Ties CVEs to Exploits as detailed in Exploit-Database.
- Realtime auto-saving of project results and tasks.