Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Josh Guild
@joshuaguild
If I need to use the API, I totally can.
Just wanted to make sure I wasn't missing anything in the UI
Jonathan Cran
@jcran
yeah api is probably easiest today, definitely not missing it in the UI, i just have been lazy and havent built it
i mean, if you know the flow, machine can work
there are some simple machines
image.png
but if you're doing exploratory stuff, i can see how selecting the group would be best
need to find someone with better frontend skills than i :p
Josh Guild
@joshuaguild
Ha. Right on, I'll poke around at the machines. I'm trying now to up the processing limits. Trying to bring our Threadripper box to its knees.
Thanks for the help!
Jonathan Cran
@jcran
hehe
here's my config for the m5.2xlarge's i run intrigue.io engines on:
(16GB)
:verbose: true :dynamic: true :concurrency: 120 :process_limits: task: 3 control: 1 task_enrichment: 55 task_browser: 5 task_autoscheduled: 55 task_scan: 3 app: 1
http://pastie.pentestify.com/show/5928fc73-d2ec-4997-bf2e-1caf3e978520
Jonathan Cran
@jcran
you could probably double the enrichement and autoscheduled with no problems, but i'm still having boxes fall over occasionally when scanning aws regions (all screenshots). somehow chromedriver seems to be losing track of the browser, and so it runs out of mem
but that config's pretty safe
f500 collection takes a couple hours to a couple days, depending on how big they are
Josh Guild
@joshuaguild
Nice, I'll test it out. I went big (400 concurrent, 100 enrichment, 100 autoscheduled, 30 scan) gonna check in on it today :)
It's a 2990X with 124 GB RAM so I have some headroom!
Jonathan Cran
@jcran
oh damn
yeah you're likely to hit limits in ruby concurrency before you have any trouble there
interested to know what you find
Jonathan Cran
@jcran
this is pretty cool:
image.png
enriching a uri will now auto-create an issue if a content check matches, and the :dynamic_issue lambda evaluates to true
the one that fired this:
image.png
https://github.com/intrigueio/intrigue-ident/blob/017646143e94b71366e434202d60f0ec17ffe58d/checks/content/content.rb#L31
so basically, you create a new content check, set it to always fire an issue when it hits, and it will
Josh Guild
@joshuaguild
So 400 concurrent blew up Ruby. Ha. I was getting a lot of failures, dialed it back a little and it seems okay. Do you think I could turn up the task_scan limits?
I'll keep trying to min/max it for the best outcome. I do have a few more questions of how iterations are handled (i.e. 4 vs. 6). I'm happy to write up some documentation as well since I'll be using this pretty heavily over the next few months :D
th3g3nt3lman1
@th3g3nt3lman1
Hey jonthan, maybe you got this question a lot, i just want to know whats the machine or VPS requirements that you use, or a user should use to have intrigueio run smoothly without headache for multiple targets or very big scopes, talking about storage and memory in specific.
Jonathan Cran
@jcran
hey @th3g3nt3lman1 - typically i'll run on a newer box with 16GB. i'm sure it'll run on less, but you might run into timeouts
regarding storage, i'd suggest at least 40-80gb
Jonathan Cran
@jcran
FYI, this community channel is being deprecated in favor of the slack channel. Drop an email to hello[-@-]intrigue.io if you'd like an invite. We may open it up in the future: https://intrigue-community.slack.com
Cector Kami
@cector_gitlab
I am facing issue with Migrate the database step for the installation of Intrgue.
When type #bundle install command
I am getting below error:
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and
installing your bundle as root will break this application for all non-root
users on this machine.
Could not locate Gemfile
Please assist me, thanks a lot.
I am using 5.2.0-kali2-amd64
(Kali Linux)
Intrigue.io
@Intrigueio_twitter
invited to the slack channel, please ping me when you're in and i'll assist (jcran) ^
Intrigue.io
@Intrigueio_twitter
FYI, this community channel is being deprecated in favor of the slack channel. Drop an email to hello[-@-]intrigue.io if you'd like an invite. We may open it up in the future: https://intrigue-community.slack.com
Dehinde Molade
@dehinde007
I'm having a error on intrigue
@Intrigueio_twitter having an error on intrigue
Jonathan Cran
@jcran
pull the latest docker image and try again, we just pushed a bugfix that was preventing redis from starting
if you'd like to join the slack, dropp an email to hello-at-intrigue.io
http://core.intrigue.io/2019/03/19/intrigue-core-docker-image-one-liner/
Dehinde Molade
@dehinde007
Just did, nothing