Intrigue Core alternatives

Looking for an alternative tool to replace Intrigue Core? During the review of Intrigue Core we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

Archery (vulnerability assessment and management)
Dagda (vulnerability scanner for Docker containers)
OpenVAS (vulnerability scanner)

These tools are ranked as the best alternatives to Intrigue Core.

Alternatives (by score)

100

Archery

Introduction

Archery is a tool that helps to collect data about vulnerabilities within an environment. Instead of focusing on the actual scanning, it allows managing findings in a web-based interface. This includes options like reporting, searching, and dashboards. It can interact with other tools, including the well-known vulnerability scanners.

Project details

Archery is written in Python.

Strengths and weaknesses

+ More than 500 GitHub stars
+ The source code of this software is available

Typical usage

Penetration testing
Vulnerability management
Vulnerability scanning
Vulnerability testing

Archery review

Dagda

Introduction

The main reasons to use Dagda is the detection of vulnerable or malicious components within your containerized environment.

Project details

Dagda is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Malware detection
Malware scanning
Vulnerability management
Vulnerability scanning

Dagda review

OpenVAS

Introduction

OpenVAS is an open source vulnerability scanner that emerged from when Nessus became closed source in October of 2005.

Project details

OpenVAS is written in C.

Strengths and weaknesses

+ The source code of this software is available
+ Well-known tool

Typical usage

Penetration testing
Security assessment
Vulnerability scanning

OpenVAS review

Safety

Introduction

When having applications deployed in your environment, not all of those may be installed via a package manager. When your infrastructure grows, it becomes even harder to know which tools are properly patched and which ones are not. For Python applications, this is where Safety comes in that can help scan installed software components via pip. It will also look at any of the dependencies that are installed.

Project details

Safety is written in Python.

Strengths and weaknesses

+ More than 10 contributors
+ The source code of this software is available

Typical usage

Penetration testing
Security assessment
Security monitoring
Vulnerability scanning

Safety review

VScan

Introduction

Vscan is a security tool to perform vulnerability scanning with Nmap. It leverages NSE scripts to provide some flexibility in terms of vulnerability detection and exploitation.

Project details

VScan is written in shell script.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Backdoor detection
Vulnerability scanning

VScan review

100

Vuls

Introduction

Vuls is a vulnerability scanner for Linux and FreeBSD. It is written in Go, agentless, and can use a remote login to find any software vulnerabilities. It has multiple levels of scanning, from a fast scan up to a deep scan with extensive analysis.

Project details

Vuls is written in Golang.

Strengths and weaknesses

+ More than 50 contributors
+ More than 5000 GitHub stars
+ The source code of this software is available

Typical usage

System hardening
Vulnerability scanning

Vuls review

w3af

Introduction

W3af is an open source web application attack and audit framework and helps in scanning for vulnerabilities. The tool comes with both a graphical user interface (GUI) and command line utility. Some of the project files include a copyright line of 2006. That gives a good idea on the maturity of the project, and it is one of the rare tools that is still maintained after so many years.

Project details

w3af is written in Python.

Strengths and weaknesses

+ Tool is modular and extendable
+ More than 2000 GitHub stars
+ The source code of this software is available

Typical usage

Application security
Application testing
Penetration testing
Vulnerability scanning
Web application analysis

w3af review

Bash Scanner

Introduction

Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.

Project details

Bash Scanner is written in shell script.

Strengths and weaknesses

+ Used language is shell script
+ The source code of this software is available

Typical usage

Security assessment
Security monitoring

Bash Scanner review

vulscan

Introduction

Vulscan is a vulnerability scanner which uses the well-known Nmap tool. By enhancing it with offline data from VulDB, it allows for detecting vulnerabilities. The database itself based on information from multiple sources.

Project details

vulscan is written in Lua.

Strengths and weaknesses

+ The source code of this software is available

- No releases on GitHub available

Typical usage

Penetration testing
Security assessment
Vulnerability scanning
Vulnerability testing

vulscan review

MalPipe

Introduction

MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull information about malware, domains, URLs, and IP addresses from multiple feeds. Finally, it will enrich the collected data and export the results.

Project details

MalPipe is written in Python.

Strengths and weaknesses

+ The source code of this software is available

- No releases on GitHub available

Typical usage

Data enrichment
Data processing
Intrusion detection
Malware analysis
Malware detection

MalPipe review

Binary Analysis Next Generation (BANG)

Introduction

BANG is a framework to unpack files recursively and scan them. The files can be firmware, binaries, or malware. The main goal is to scan all files and perform classification and labeling. This way each file can be further analyzed based on the characteristics.

Project details

Binary Analysis Next Generation is written in Python.

Strengths and weaknesses

+ The source code of this software is available

- No releases on GitHub available

Typical usage

Binary analysis
Malware analysis
Malware scanning

Binary Analysis Next Generation review

Mal Tindex

Introduction

Mal Tindex is a tool that performs binary analysis on malware samples. It analyzes the binaries it is provided to learn about the specifics of each malware sample that makes them unique. This way data can be gathered that may provide background information. For example, it could provide the attribution of a particular actor or malware campaign.

Project details

Mal Tindex is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Malware analysis
Malware research

Mal Tindex review

SSMA

Introduction

SSMA is short for Simple Static Malware Analyzer. The tool can perform a set of tests against a malware sample and retrieve metadata from it. SSMA can analyze ELF and PE and analyze its structure. For example, it can retrieve the PE file header information and its sections. Other pieces it can analyze is the usage of packers, anti-debugging techniques, cryptographic algorithms, domains, email addresses, and IP addresses. It can also check if the sample is already detected or blocked by using VirusTotal and the blocklist of malwaredomains.com.

Project details

SSMA is written in Python.

Strengths and weaknesses

+ The source code of this software is available

- No releases on GitHub available

Typical usage

Malware analysis
Malware detection
Malware scanning
Reverse engineering

SSMA review

YARA

Introduction

YARA is a tool to identify and classify malware samples. It uses textual or binary patterns to match data, combined with a boolean expression to define a match. YARA is multi-platform, can be used via a command-line interface or via Python scripts using the yara-python extension.

Project details

YARA is written in C.

Strengths and weaknesses

+ More than 50 contributors
+ More than 2000 GitHub stars
+ The source code of this software is available

Typical usage

Malware analysis
Malware detection
Malware scanning

YARA review

vulnix

Introduction

Tools like vulnix help with the detection of known weaknesses in packages by leveraging external resources. It can be used as an additional security layer on top of software patch management.

Project details

vulnix is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Vulnerability scanning

vulnix review

DataSploit

Introduction

DataSploit is a framework to perform intelligence gathering to discover credentials, domain information, and other information related to the target. It uses various reconnaissance techniques on companies, people, phone numbers, and even cryptocoin technology. It allows aggregating all raw data and return it in multiple formats.

Project details

DataSploit is written in Python.

Strengths and weaknesses

+ More than 10 contributors
+ More than 1000 GitHub stars
+ The source code of this software is available

Typical usage

OSINT research
Information gathering
Security monitoring

DataSploit review

Cutter

Introduction

Cutter is a graphical user interface for radare2, the well-known reverse engineering framework. It focuses on those who are not familiar enough with radare2, or rather have a graphical interface instead of the command-line interface that radare2 provides.

Project details

Cutter is written in C++, Qt.

Strengths and weaknesses

+ More than 50 contributors
+ More than 3000 GitHub stars
+ The source code of this software is available

Typical usage

Binary analysis
Malware analysis
Reverse engineering

Cutter review

LIEF

Introduction

LIEF is short for Library to Instrument Executable Formats.

Project details

LIEF is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Binary analysis
Malware analysis
Reverse engineering

LIEF review

Malice

Introduction

Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. The goal of Malice is to make it usable by both independent researchers up to fortune 500 companies.

Malice is useful for those that do malware analysis or deal with user-generated files that may contain malware. The framework allows scanning files and directories to see if they are infected.

Project details

Malice is written in Golang.

Strengths and weaknesses

+ More than 500 GitHub stars
+ The source code of this software is available

Typical usage

Malware analysis
Malware detection
Malware research
Malware scanning

Malice review

MultiScanner

Introduction

MultiScanner helps malware analysts by providing a toolkit to perform both automated and manual analysis. The data extracted from the analysis can be easily stored together, including the relevant metadata and samples. It allows enriching the data further by retrieving information from external resources.

Project details

Strengths and weaknesses

+ More than 10 contributors
+ The source code of this software is available

Typical usage

Malware analysis
Malware detection
Malware scanning

MultiScanner review

PyREBox

Introduction

PyREBox is short for Python scriptable Reverse Engineering Sandbox. It provides dynamic analysis and debugging capabilities of a running QEMU virtual machine. The primary usage is the analysis of running processes to perform reverse engineering. PyREBox can change parts of the running system by changing data in memory or within processor registers.

Project details

PyREBox is written in C++, Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Binary analysis
Malware analysis
Reverse engineering

PyREBox review

YaraGuardian

Introduction

YaraGuardian provides a web-based interface that helps to manage Yara rules. It can be used to search, organize, and bulk-edit rules. The tool also prevents creating duplicate entries, which is a nice additional benefit of this management utility.

Project details

YaraGuardian is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Malware analysis

YaraGuardian review

bamfdetect

Introduction

With bamfdetect, malware and bots can be analyzed. It identifies and extracts information and returns data in JSON format.

Project details

bamfdetect is written in Python.

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Malware analysis
Malware scanning

bamfdetect review

radare2

Introduction

Radare2 is a popular framework to perform reverse engineering on many different file types. It can be used to analyze malware, firmware, or any other type of binary files. Besides reverse engineering, it can be used for forensics on filesystems and do data carving. Tasks can be scripted and support languages like JavaScript, Go, and Python. Even software exploitation is one of the functions it can be used in.

Project details

radare2 is written in C.

Strengths and weaknesses

+ More than 500 contributors
+ More than 8000 GitHub stars
+ Many releases available
+ The source code of this software is available

Typical usage

Digital forensics
Reverse engineering
Software exploitation
Troubleshooting

radare2 review

GasMask

Introduction

GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.

Project details

Strengths and weaknesses

+ The source code of this software is available

Typical usage

Information gathering

GasMask review

Some relevant tool missing as an alternative to Intrigue Core? Please contact us with your suggestion.