Semi-Automated Network Penetration Testing Framework: Legion

Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.


  • Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with almost 100 auto-scheduled scripts)
  • Easy to use graphical interface with rich context menus and panels that allow pentesters to quickly find and exploit attack vectors on hosts
  • Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
  • Highly customizable stage scanning for ninja-like IPS evasion
  • Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
  • Realtime autosaving of project results and tasks


  • Refactored from Python 2.7 to Python 3.6 and the elimination of depreciated and unmaintained libraries
  • Upgraded to PyQT5, increased responsiveness, less buggy, more intuitive GUI that includes features like:
    • Task completion estimates
    • 1-Click scan lists of ips, hostnames and CIDR subnets
    • Ability to purge results, rescan hosts and delete hosts
    • Granual NMAP scanning options
  • Support for hostname resolution and scanning of vhosts/sni hosts
  • Revise process queuing and execution routines for increased app reliability and performance
  • Simplification of installation with dependency resolution and installation routines
  • Realtime project autosaving so in the event some goes wrong, you will not loose any progress!
  • Docker container deployment option
  • Supported by a highly active development team




Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed. Other dependencies should automatically be installed. Within Terminal:
git clone
    cd legion
    sudo chmod +x
    sudo ./


Assumes Docker and Xauthority are installed. Within Terminal:
git clone
    cd legion/docker
    sudo chmod +x
    sudo ./

Post a Comment