AttackForge Enterprise

CreateProjectRequest

This method can be used for the following functionality: Create a new Request for Project in AttackForge

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

POST /api/ss/request HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close

Query

name (string)

Name of the project.

Example:

{
"name": "..."
}

code (string)

Project code.

Example:

{
"code": "..."
}

groups (array of strings) (optional)

Groups to link to the project. Must match exact group names.

Example:

{
"groups": ["...", "...", "..."]
}

scope (array of strings)

Project scope / assets to be tested.

Example:

{
"scope": ["...", "...", "..."]
}

testsuites (array of strings)

Testsuites to assign to the project. Must match exact testsuite names.

Example:

{
"testsuites": ["...", "...", "..."]
}

startDate (string)

Desired project start date. String in YYYY-MM-DD format.

Example:

{
"startDate": "2020-01-01"
}

endDate (string)

Desired project end date. String in YYYY-MM-DD format.

Example:

{
"endDate": "2020-01-05"
}

test_window (array of strings)

Test window for the project. Must be one or more of the following: Weekdays-BusinessHours, Weekdays-NonBusinessHours, Weekends

Example:

{
"test_window": ["Weekdays-BusinessHours", "Weekends"]
}

onsite_testing (string)

Whether onsite testing is required or not. Must be one or more of the following: Yes, No

Example:

{
"onsite_testing": "Yes"
}

Example

The following example is a cURL request to create a new project request.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.

curl -X POST 'https://demo.attackforge.com/api/ss/request' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
"name": "ACME Corp Web App Pentest",
"code": "DEMO9999",
"groups": ["ACME Corp Digital Team", "Pentest Team"],
"scope": ["test.com", "192.168.0.1"],
"testsuites": ["ASVS Level 2 Web Application", "OSSTMM v3.0 Infrastructure"],
"startDate": "2020-01-01",
"endDate": "2020-01-05",
"test_window": ["Weekdays-BusinessHours", "Weekends"],
"onsite_testing": "Yes"
}'

Response

Response contains a project request object.

{
"request": {
"id": "...",
"created": "...",
"last_updated": "...",
"name": "...",
"code": "...",
"groups": ["...", "...", "..."],
"scope": ["...", "..."],
"testsuites": ["...", "..."],
"startDate": "...",
"endDate": "...",
"test_window": ["...", "..."],
"onsite_testing": "..."
}
}