AttackForge
Version: 1.0.1
AttackForge is used for penetration testing management and reporting platforms.
Connect AttackForge with LogicHub
- Navigate to Automations > Integrations.
- Search for AttackForge.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- API Key: API Key for Attackforge
- Base URL: Base URL (Example 'https://demo.attackforge.com/api/ss' without quotes)
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- After you've entered all the details, click Connect.
Actions for AttackForge
Create Project
To create a new project
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Project Body | Jinja-templated JSON containing project body to be passed in request. Example: '{"name":"{{project}}","code":"{{project_id}}","groups":["attackiq"],"startDate":"2021-06-03T00:00:00.000Z","endDate":"2025-06-04T00:00:00.000Z","scope":["90.120.234.991"],"testsuites":["Level II Web Application"],"scoringSystem":"CVSSv3.1","vulnerability_code":"VULN123","team_notifications":["critical","high"],"sla_activation":"automatic","portfolio_streams":[{"portfolioId":"123456789","streamId":"123456789"}]}'. | Required |
Output
JSON containing the following items:
{
"result": {
"project": {
"id": "...",
"name": "...",
"code": "...",
"organization_code": "...",
"vulnerability_code": "..."
"groups": [
{
"id": "...",
"name": "..."
}
],
"isOnHold": "...",
"startDate": "...",
"endDate": "...",
"scoring_system": "...",
"team_notifications": [
"..."
],
"admin_notifications": [
"..."
],
"start_stop_testing_email": "...",
"start_stop_testing_email_additional_recipients": [
"..."
],
"new_vulnerability_email_type": "...",
"new_vulnerability_email": "...",
"new_vulnerability_email_additional_recipients": [
"..."
],
"forced_emails": [
"..."
],
"sla_activation": "...",
"created": "...",
"last_updated": "...",
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"streams": [
{
"id": "...",
"name": "...",
"stream_portfolios": [
{
"id": "...",
"name": "...",
}
]
}
],
"features": {
"attack_chains": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"reporting": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"retesting": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"testcases": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
}
}
},
"pages": {
"summary": {
"access": {
"edit_project_access_levels": [
"..."
],
"edit_roles": [
"..."
],
"upload_project_access_levels": [
"..."
],
"upload_roles": [
"..."
],
"view_project_access_levels": [
"..."
],
"view_roles": [
"..."
]
},
"enabled": true
}
}
}
},
"error": null,
"has_error":false,
}
Create Vulnerability
This method can be used to create a vulnerability on a project you have access to using project identifier (Id).
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Vulnerability Body | Jinja-templated JSON containing vulnerability body to be passed in request. Example: '{"projectId":"123456789","title":"Lorem Ipsum","affected_asset_name":"AttackForge.com","priority":"Critical","likelihood_of_exploitation":10,"description":"Lorem Ipsum","attack_scenario":"Lorem Ipsum","remediation_recommendation":"Lorem Ipsum","steps_to_reproduce":"Lorem Ipsum","tags":["SQL","Injection"],"notes":[{"note":"Lorem Ipsum","type":"PLAINTEXT"}],"is_zeroday":false,"is_visible":true,"import_to_library":"Imported Vulnerabilities","import_source":"source","import_source_id":"123","custom_fields":[{"key":"vuln_external_id","value":"123"}],"linked_testcases":["Lorem Ipsum"],"custom_tags":[{"name":"ext_vuln_score","value":"123"}]}'. | Required |
Output
JSON containing the following items:
{
"result": {
"vulnerability": {
"vulnerability_id": "...",
"vulnerability_created": "...",
"vulnerability_modified": "...",
"vulnerability_title": "...",
"vulnerability_priority": "...",
"vulnerability_status": "...",
"vulnerability_retest": "...",
"vulnerability_likelihood_of_exploitation": 10,
"vulnerability_steps_to_reproduce": "...",
"vulnerability_tags": [
"..."
],
"vulnerability_is_zeroday": "...",
"vulnerability_notes": [
{
"note": "...",
"note_html": "...",
"type": "PLAINTEXT/RICHTEXT"
}
],
"vulnerability_description": "...",
"vulnerability_attack_scenario": "...",
"vulnerability_remediation_recommendation": "...",
"vulnerability_affected_asset_name": "...",
"vulnerability_affected_asset_id": "...",
"vulnerability_affected_assets": [
{
"asset": {
"id": "...",
"name": "...",
"library_id": "...",
"library_external_id": "...",
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Field"
}
],
},
"notes": [
"..."
],
"tags": [
"..."
],
"actioned": true,
"components": [
{
"name": "...",
"notes": [
"..."
],
"tags": [
"..."
]
}
]
}
],
"vulnerability_project_name": "...",
"vulnerability_project_id": "...",
"vulnerability_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"vulnerability_sla": "...",
"vulnerability_release_date": "..."
}
},
"error": null,
"has_error":false,
}
Get Projects
Get details for all projects that the user has access to.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Search Params | Jinja-templated JSON containing search params for projects to be passed in request. Example: '{"code":"Project123","name":"Test","startDate":"2021-06-03T00:00:00.000Z","endDate":"2021-06-04T00:00:00.000Z","status":"Testing","asset_name":"attackforge.com"}'. | Optional |
| Limit | Number of records to fetch. Default limit is 500. Max limit is 500. | Optional |
Output
JSON containing the following items:
{
"result": {
"count": 999,
"projects": [
{
"project_id": "...",
"project_name": "...",
"project_code": "...",
"project_organization_code": "...",
"project_vulnerability_code": "..."
"project_groups": [
{
"id": "...",
"name": "..."
}
],
"project_status": "...",
"project_extended_status": "...",
"project_testing_progress": "100%",
"project_on_hold": "...",
"project_start_date": "...",
"project_end_date": "...",
"project_scope": [
"..."
],
"project_scope_details": [
{
"id": "...",
"name": "...",
"asset_id": "..."
}
],
"project_scoring": "...",
"project_team_notifications": [
"..."
],
"project_admin_notifications": [
"..."
],
"project_start_stop_testing_email": "...",
"project_start_stop_testing_email_additional_recipients": [
"..."
],
"project_new_vulnerability_email_type": "...",
"project_new_vulnerability_email": "...",
"project_new_vulnerability_email_additional_recipients": [
"..."
],
"project_forced_emails": [
"..."
],
"project_executive_summary": "...",
"project_reporting_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"project_attack_chains": [
{
"total": 999
}
],
"project_team": [
{
"id": "...",
"user_id": "...",
"first_name": "...",
"last_name": "...",
"access_level": "...",
"role": "...",
"email_notifications": [
"..."
],
"last_modified": "..."
}
],
"project_hold_history": [
{
"status": "...",
"reason": "...",
"created": "..."
}
],
"project_retests_requested": 999,
"project_retests_completed": 999,
"project_retesting_history: [
{
"retesting_round": 1,
"retesting_round_status": "...",
"retesting_custom_round_name": "...",
"retesting_custom_status_name": "...",
"retesting_round_actioned_by": {
"user_id": "...",
"user_first_name": "...",
"user_last_name": "..."
},
"retesting_round_vulnerabilities": [
{
"vulnerability_id": "...",
"vulnerability_alternate_id": "...",
"vulnerability_title": "...",
}
],
"created": "..."
}
],
"project_streams": [
{
"id": "...",
"name": "...",
"stream_portfolios": [
{
"id": "...",
"name": "...",
}
]
}
],
"project_total_assets": 999,
"project_total_testcases": 999,
"project_not_tested_testcases": 999,
"project_in_progress_testcases": 999,
"project_tested_testcases": 999,
"project_not_applicable_testcases": 999,
"project_total_vulnerabilities": 999,
"project_open_vulnerabilities": 999,
"project_closed_vulnerabilities": 999,
"project_retest_vulnerabilities": 999,
"project_critical_vulnerabilities": 999,
"project_critical_open_vulnerabilities": 999,
"project_critical_ready_for_retest_vulnerabilities": 999,
"project_critical_closed_vulnerabilities": 999,
"project_high_vulnerabilities": 999,
"project_high_open_vulnerabilities": 999,
"project_high_ready_for_retest_vulnerabilities": 999,
"project_high_closed_vulnerabilities": 999,
"project_medium_vulnerabilities": 999,
"project_medium_open_vulnerabilities": 999,
"project_medium_ready_for_retest_vulnerabilities": 999,
"project_medium_closed_vulnerabilities": 999,
"project_low_vulnerabilities": 999,
"project_low_open_vulnerabilities": 999,
"project_low_ready_for_retest_vulnerabilities": 999,
"project_low_closed_vulnerabilities": 999,
"project_info_vulnerabilities": 999,
"project_info_open_vulnerabilities": 999,
"project_info_ready_for_retest_vulnerabilities": 999,
"project_info_closed_vulnerabilities": 999,
"project_zeroday_vulnerabilities": 999,
"project_easily_exploitable_vulnerabilities": 999,
"project_cwe_top_25_vulnerabilities": 999,
"project_owasp_top_10_vulnerabilities": 999,
"project_pending_vulnerabilities": 999,
"project_testsuites": [
{
"id": "...",
"name": "..."
}
],
"project_created": "...",
"project_last_modified": "...",
"project_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"project_features": {
"attack_chains": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"reporting": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"retesting": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
},
"enabled": true
},
"testcases": {
"access": {
"project_access_level": "...",
"roles": [
"..."
]
}
}
},
"project_pages": {
"summary": {
"access": {
"edit_project_access_levels": [
"..."
],
"edit_roles": [
"..."
],
"upload_project_access_levels": [
"..."
],
"upload_roles": [
"..."
],
"view_project_access_levels": [
"..."
],
"view_roles": [
"..."
]
},
"enabled": true,
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
]
}
}
}
]
},
"error": null,
"has_error":false,
}
Get Vulnerabilities
Get details for all vulnerabilities this user has access to.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Search Params | Jinja-templated JSON containing search params for vulnerabilities to be passed in request. Example: '{"priority":"Critical","startDate":"2021-06-03T00:00:00.000Z","endDate":"2021-06-04T00:00:00.000Z","altCustomFields":true}'. | Optional |
| Limit | Number of records to fetch. Default limit is 500. Max limit is 500. | Optional |
Output
JSON containing the following items:
{
"result": {
"count": 999,
"vulnerabilities":[
{
"vulnerability_id": "...",
"vulnerability_alternate_id": "...",
"vulnerability_created": "...",
"vulnerability_modified": "...",
"vulnerability_title": "...",
"vulnerability_priority": "...",
"vulnerability_cvssv3_vector": "...",
"vulnerability_cvssv3_base_score": "...",
"vulnerability_cvssv3_temporal_score": "...",
"vulnerability_cvssv3_environmental_score": "...",
"vulnerability_status": "...",
"vulnerability_status_updated": "...",
"vulnerability_retest": "...",
"vulnerability_likelihood_of_exploitation": 10,
"vulnerability_steps_to_reproduce": "...",
"vulnerability_steps_to_reproduce_HTML": "...",
"vulnerability_tags": [
"..."
],
"vulnerability_is_zeroday": "...",
"vulnerability_notes": [
{
"note": "...",
"note_html": "...",
"type": "PLAINTEXT/RICHTEXT"
}
],
"vulnerability_description": "...",
"vulnerability_attack_scenario": "...",
"vulnerability_remediation_recommendation": "...",
"vulnerability_remediation_notes": [
{
"id": "...",
"note": "...",
"note_html": "...",
"created": "...",
"created_by": "..."
}
],
"vulnerability_affected_asset_name": "...",
"vulnerability_affected_asset_id": "...",
"vulnerability_affected_asset_library_id": "...",
"vulnerability_affected_asset_library_external_id": "...",
"vulnerability_affected_assets": [
{
"asset": {
"id": "...",
"name": "...",
"library_id": "...",
"library_external_id": "...",
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Field"
}
],
},
"notes": [
"..."
],
"tags": [
"..."
],
"actioned": true,
"components": [
{
"name": "...",
"notes": [
"..."
],
"tags": [
"..."
]
}
]
}
],
"vulnerability_projects" : [
{
"code" : "...",
"custom_fields" : [
{
"key" : "...",
"type" : "Field/Tag",
"value" : "..."
}
],
"groups": [
{
"id": "...",
"name": "..."
}
],
"id" : "...",
"name" : "..."
}
],
"vulnerability_discovered_by": "...",
"vulnerability_evidence": [
{
"file_name": "...",
"file_name_custom": "...",
"storage_name": "...",
"file_type": "...",
"file_size_kb": "..."
}
],
"vulnerability_library_files": [
{
"file_name": "...",
"file_name_custom": "...",
"storage_name": "...",
"file_type": "...",
"file_size_kb": "..."
}
],
"vulnerability_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"vulnerability_library_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"vulnerability_affected_asset_custom_fields": [
{
"key": "...",
"value": "..."
}
],
"vulnerability_sla": "...",
"vulnerability_release_date": "...",
"vulnerability_target_remediation_date": "...",
"vulnerability_user": {
"user_id": "...",
"first_name": "...",
"last_name": "..."
},
"vulnerability_testcases": ["..."]
}
]
},
"error": null,
"has_error":false,
}
Release Notes
v1.0.1- Initial release with 4 Actions -Create Project,Create Vulnerability,Get ProjectsandGet Vulnerabilities.
Updated 1 day ago