Legion: Automated Network Penetration Testing Framework

2 Min Read

Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard.


  • Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
  • Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
  • Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
  • Highly customizable stage scanning for ninja-like IPS evasion
  • Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
  • Realtime autosaving of project results and tasks

Notable changes from Sparta

  • Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries
  • Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:
    • Task completion estimates
    • 1-Click scan lists of ips, hostnames and CIDR subnets
    • Ability to purge results, rescan hosts and delete hosts
    • Granual NMAP scanning options
  • Support for hostname resolution and scanning of vhosts/sni hosts
  • Revise process queuing and execution routines for increased app reliability and performance
  • Simplification of installation with dependency resolution and installation routines
  • Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
  • Docker container deployment option
  • Supported by a highly active development team

Share This Article
Leave a comment