Packages and Binaries:

legion

Semi-automated network penetration testing tool
This package contains an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.

Legion is a fork of SECFORCE’s Sparta.

Installed size: 7.51 MB
How to install: sudo apt install legion

Dependencies:
  • dirbuster
  • dnsmap
  • enum4linux
  • eyewitness | python3-selenium
  • feroxbuster
  • finger
  • hping3
  • httpx-toolkit
  • hydra
  • imagemagick
  • impacket-scripts
  • ldap-utils
  • mariadb-client-core
  • medusa
  • metasploit-framework
  • nbtscan
  • netcat-traditional
  • nfs-common
  • nikto
  • nmap
  • nuclei
  • perl
  • polenum
  • postgresql-client
  • python3
  • python3-colorama
  • python3-pandas
  • python3-pyexploitdb
  • python3-pyfiglet
  • python3-pyqt6
  • python3-pyshodan
  • python3-qasync
  • python3-requests
  • python3-rich
  • python3-serial-asyncio
  • python3-service-identity
  • python3-six
  • python3-sqlalchemy
  • python3-termcolor
  • python3-urllib3
  • rdesktop
  • rpcbind
  • rsh-redone-client | rsh-client
  • ruby
  • smbclient
  • smtp-user-enum
  • snmp
  • sparta-scripts
  • sqlmap
  • sslscan
  • sslyze
  • telnet
  • theharvester
  • unicornscan
  • urlscan
  • vncviewer
  • wafw00f
  • wapiti
  • whatweb
  • wordlists
  • wpscan
  • x11-apps
  • xserver-xephyr
  • xsltproc
  • xvfb
legion
root@kali:~# legion -h
usage: legion.py [-h] [--mcp-server] [--headless] [--web] [--tool-audit |
                 --tool-install-plan {kali,ubuntu} |
                 --tool-install {kali,ubuntu}] [--web-port WEB_PORT]
                 [--web-bind-all] [--web-transparent-ui]
                 [--input-file INPUT_FILE] [--discovery] [--staged-scan]
                 [--output-file OUTPUT_FILE] [--run-actions]

Start Legion

options:
  -h, --help            show this help message and exit
  --mcp-server          Start MCP server for AI integration
  --headless            Run Legion in headless (CLI) mode
  --web                 Run Legion with the local Flask web interface
  --tool-audit          Print a tool availability audit and exit
  --tool-install-plan {kali,ubuntu}
                        Print the generated install script for missing tools
                        on the selected platform and exit
  --tool-install {kali,ubuntu}
                        Run the generated install plan for missing tools on
                        the selected platform and exit
  --web-port WEB_PORT   Local web interface port
  --web-bind-all        When used with --web, bind the web interface to
                        0.0.0.0 instead of 127.0.0.1
  --web-transparent-ui  When used with --web, enable transparent UI effects
  --input-file INPUT_FILE
                        Text file with targets (hostnames, subnets, IPs, etc.)
  --discovery           Enable host discovery (default: enabled)
  --staged-scan         Enable staged scan
  --output-file OUTPUT_FILE
                        Output file (.legion or .json)
  --run-actions         Run scripted actions/automated attacks after
                        scan/import


Updated on: 2026-May-25