DEV.co
Open-Source Security · codingo

Interlace

Interlace is a Python utility that parallelizes single-threaded command-line tools by distributing targets across multiple threads, supporting CIDR notation, glob patterns, and variable substitution. It's designed for security professionals running bulk scanning and enumeration tasks.

Source: GitHub — github.com/codingo/Interlace
1.3k
GitHub stars
187
Forks
Python
Primary language
GPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorycodingo/Interlace
Ownercodingo
Primary languagePython
LicenseGPL-3.0 — OSI-approved
Stars1.3k
Forks187
Open issues8
Latest release1.6 (2019-08-19)
Last updated2025-09-12
Sourcehttps://github.com/codingo/Interlace

What Interlace is

Interlace wraps CLI commands and expands targets (CIDR, ranges, lists) into parallel execution threads with configurable concurrency, timeouts, and execution flow control via blockers and sequential blocks. It provides template variable replacement for targets, ports, proxies, and output paths.

Quickstart

Get the Interlace source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/codingo/Interlace.gitcd Interlace# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Bulk Security Scanning Workflows

Parallelize nmap, nikto, or custom reconnaissance tools across large target lists without modifying the underlying tools or writing shell scripts.

Penetration Testing & Bug Bounty Automation

Execute OSCP-relevant enumeration commands at scale over CIDR blocks and hostlists, with ordered execution control via blockers to ensure prerequisites run first.

Multi-Target Service Enumeration

Run the same command over heterogeneous targets (mixed CIDR, hostnames, IPs) with per-target output directories and port/protocol variable injection.

Implementation considerations

  • Python 3.2–3.6 support noted in README; modern Python 3.9+ compatibility Unknown and should be tested before deployment.
  • Latest release (1.6) is from August 2019, but recent pushes (September 2025) indicate ongoing maintenance; evaluate actual code changes in recent commits.
  • Default thread limit is 5 and timeout 600 seconds; must tune for target scale and tool behavior to avoid resource exhaustion or premature timeouts.
  • Variable substitution and blocker syntax are simple but require careful command file design; incorrect use can cause race conditions or hanging threads.
  • Output handling relies on user-managed directories and variable placeholders; no built-in result aggregation or parsing.

When to avoid it — and what to weigh

  • Tools with Built-in Parallelization — If your target tool already handles multithreading (e.g., masscan, concurrent frameworks), Interlace adds orchestration overhead without benefit.
  • Complex Distributed Architectures — Interlace is single-machine threading; it does not distribute work across nodes or support cloud-scale parallel execution.
  • Real-time Interactive Tools — Tools requiring terminal interaction or session state are not well-suited to batch parallelization via command wrapping.
  • Strict Commercial License Requirements — GPL-3.0 license requires derivative works to be open-source; closed-source commercial integrations require license review or alternative tools.

License & commercial use

GPL-3.0 (GNU General Public License v3.0). This is a strong copyleft license requiring any derivative work or linked software to be distributed under GPL-3.0 and source code made available.

Interlace itself may be used commercially (e.g., by a penetration testing firm running scans). However, if you modify Interlace or integrate it into a proprietary product, you must release the full source code under GPL-3.0. Closed-source commercial derivatives are not permitted. Internal use (e.g., security team using unmodified tool) is compliant. Requires legal review if distribution or significant modification is planned.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceModerate
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceMedium
Security considerations

Interlace does not validate or sanitize command inputs; user is responsible for safe variable substitution (e.g., using _safe-target_ to quote values). Parallelization across untrusted networks or targets may cause resource starvation or detection. No authentication, encryption, or privilege isolation; runs as the invoking user. Review generated commands for injection risks before execution, especially when combining user input with _target_ and _port_ variables.

Alternatives to consider

GNU Parallel

Mature, Unix-native tool for parallelizing commands over input lists with robust error handling, job control, and no licensing restrictions (GPL or permissive variants available). Steeper learning curve but more flexible.

xargs (BSD/GNU)

Lightweight, universally available for piping input to parallel jobs. No CIDR expansion, port ranges, or variable templating; requires preprocessing but integrates seamlessly into shell pipelines.

For closed-source or heavily integrated use, writing a minimal multithreading wrapper avoids GPL obligations and provides full control over output, error handling, and feature set.

Software development agency

Build on Interlace with DEV.co software developers

Integrate Interlace into your penetration testing pipeline to accelerate enumeration and scanning across large target lists. Check GitHub for setup and examples.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Interlace FAQ

Can I use Interlace in a commercial penetration testing tool without releasing source code?
No. If you modify Interlace or ship it as part of a proprietary product, GPL-3.0 requires you to open-source the entire work. Use unmodified Interlace internally (compliant), or build a custom wrapper to avoid GPL inheritance.
What Python versions does Interlace support?
README declares Python 3.2|3.6. Compatibility with Python 3.7–3.12 is Unknown; test thoroughly before production use on modern Python versions.
How do I prevent race conditions when multiple threads hit the same target resource?
Use _blocker_ to serialize critical setup steps (e.g., mkdir) before parallel scanning, or _block:name_ to enforce sequential execution for sensitive commands within a block.
Is there support for distributed execution across multiple machines?
No. Interlace is single-machine, OS-level threading only. For distributed scanning, use Shodan, masscan, or custom distributed frameworks.

Custom software development services

Adopting Interlace is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source security software in production.

Automate Your Security Scanning Workflows

Integrate Interlace into your penetration testing pipeline to accelerate enumeration and scanning across large target lists. Check GitHub for setup and examples.