Projects

My Projects

AttackForge is built upon Projects. Each project has scope (assets) and findings (vulnerabilities). Vulnerabilities are linked to assets and to projects.

Projects can be any of the following, however is not limited to the following:

  • Red Team and Purple Team Assessments

  • Web Application Penetration Test

  • Web Services / API Penetration Test

  • Mobile Application Penetration Test

  • Network and Infrastructure Penetration Test

  • Wireless Network Assessment

  • Source Code Review

  • Configuration Audit

  • PCI-DSS Assessment

  • SCADA Assessment

  • OSINT Assessment

  • Physical Security Audit

Only Administrators, Project Coordinators, and delegated users can create a new project.

Projects module is where you can see all of your projects, including ones that you have created; or ones that you have been invited to by other users.

To create a new project, click on New -> Project from the page menu.

Otherwise for all other users, you can request a new project by clicking on New -> Project Request.

See Getting Started for more details on how to Create a New Project or how to Request a New Project.

You can click on any of the projects to drill down into the project view. From here, you can view testing progress, view vulnerabilities, download reports and more.

Retesting

You can toggle the projects table into a retesting view in order to see remediation related details for each project, such as how many vulnerabilities have been remediated or how many retests have been performed.

See Retesting & Remediation for more details on how to manage retesting.

User Projects

Authorized users can view projects on behalf of another user. This can be helpful for resource management and team planning.

Start by selecting User Projects from the menu, then select a user. You can filter the results further by searching projects where user is assigned a particular role. You can also toggle between a list view and a calendar view.

Archived Projects

Archived projects provides a list of all projects which have been archived.

Archived projects are hidden and only accessible to Admins. The results from the archived projects (such as vulnerabilities) are not included in Analytics or other sections with AttackForge.

Archived projects can be restored at any time by selecting Restore Project from the actions menu.

You can also delete projects entirely. This can be performed using the Destroy Project Data option.

!WARNING - once a project has been destroyed, there is no way to recover it or its data.

Pending Requests

Pending requests section provides a list of all project requests which are awaiting review & action.

The authorized users will be notified when a new project request is submitted and can commence the review process. The submitter will also be notified by email that their request is pending review.

Users can make modifications to their pending requests.

Authorized users can Approve or Reject requests.

If a request is Approved, the project will be automatically created and the customer will be invited to the project. The customer will be notified by email that their request was approved.

See Requesting a Project for more information on project requests.

Actioned Requests

All users can see the history of their project requests in the Actioned Requests section.

You can click on the request to drill down on the information which had been submitted & reviewed.

PreviousVulnerabilitiesNextScheduling

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge