Project Scope
Last updated
Last updated
Check YouTube for more tutorials: https://youtube.com/@attackforge
Project Scope is where all of the assets assigned to the project can be viewed or modified. You can also add new assets to the project.
Only Administrators, Project Coordinators or users with Edit access to the project can make updates to the scope on the project.
You can access the project scope by selecting Scope
from the project menu.
To create a new asset (or multiple assets) on the project, select Add Assets
.
If you are using the Assets module, you will have the option to select existing assets from the library. You can also create new assets in the library from here as well.
If you are not using the Assets module, you can enter your assets directly and configure your delimiter settings to handle multiple assets.
If you are not using the Assets module, you can modify assets by clicking on Edit
in the actions menu. A box will be displayed around the asset name allowing you to change it.
If you are using the Assets module, you must first delete the asset, then add a new asset.
You can delete assets by clicking on the Remove
button. You can also bulk delete assets by selecting them then clicking on Actions -> Remove
!IMPORTANT: You can only delete assets which are not already linked to an existing vulnerability on the project. If you attempt to do so, you will see an error message displayed. You must first either delete the vulnerabilities, or re-assign the vulnerabilities to a different asset, then you can delete the asset once it's no longer assigned to any vulnerabilities on the project. To re-assign vulnerabilities to different assets - please see Updating Affected Assets.
Tip: You can select all assets using the menu, and then delete all. This will remove any assets which are not already associated with a vulnerability. This can help to clean up your scope to focus on IPs which only have vulnerabilities - if required.
You can import assets directly to your projects from your NMAP
and Masscan
files, as well as generic JSON and CSV options.
You can also take advantage of the additional Hostnames and Ports fields if you are using the Assets Module.
These fields will be stored against the Asset in the module, so you can monitor and manage Hostnames and Ports centrally (outside of your projects).
You can also view and modify the data prior to importing.
You can download all of the assets assigned to the project in CSV format. This may help to get this data into other tools such as vulnerability scanners. You can perform this by clicking on Export as CSV
.