Vulnerability Created

Getting Started

This page will help you with subscribing to the vulnerability-created event.

This event can be used for the following:

  • Get details for all new vulnerabilities created on projects you have access to.

Prerequisites

In order to subscribe to this event, you must have:

  • Access to the vulnerability-created event (see My Events to confirm).

  • A working client (see Setting Up Your Client for details).

  • A valid API key (see Authentication for your key).

  • Network access to your AttackForge Enterprise tenant.

Subscribing To Event

  • NodeJS

  • Python

  • .NET

  • Java

  • Go

NodeJS

NodeJS Prerequisites

In order to subscribe to this event using the NodeJS client, you must have:

  • NodeJS v10+ installed

  • NPM installed

  • A working NodeJS client (see Setting Up Your Client for details).

Client configuration

Open a terminal and navigate to the client directory.

From the client directory, run the following command, substituting the variables below with your configuration details:

$ TENANT="YOUR-AFE-TENANT" EVENTS="vulnerability-created" X_SSAPI_KEY="YOUR-API-KEY" node .

An example is included below for reference:

$ TENANT="https://demo.attackforge.com" EVENTS="vulnerability-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" node .

If your client is successfully subscribed to this event, you should see similar output in your terminal:

Subscribed to the following events: [ 'vulnerability-created' ]

Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.

You can now work on your integration code to start actioning these events. Open index.js with a text editor - the file is located in your client directory. Your code will replace the following section within this file:

/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-created */
/* params contains the event body e.g. JSON object with timestamp & vulnerability details */

Python

Python Prerequisites

In order to subscribe to this event using the Python client, you must have:

  • Python3 installed

  • PIP installed

  • A working Python client (see Setting Up Your Client for details).

Client configuration

Open a terminal and navigate to the client directory.

From the client directory, run the following command, substituting the variables below with your configuration details:

$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-created" X_SSAPI_KEY="YOUR-API-KEY" python3 main.py

An example is included below for reference:

$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" python3 main.py

If your client is successfully subscribed to the events, you should see similar output in your terminal:

Subscribed to the following events: [ 'vulnerability-created' ]

Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.

You can now work on your integration code to start actioning these events. Open main.py with a text editor - the file is located in your client directory. Your code will replace the following section within this file:

# ENTER YOUR INTEGRATION CODE HERE
# method contains the event type e.g. vulnerability-created
# params contains the event body e.g. JSON object with timestamp & vulnerability details

.NET

.NET Prerequisites

In order to subscribe to this event using the .NET client, you must have:

Client configuration

Open a terminal and navigate to the client directory.

From the client directory, run the following command, substituting the variables below with your configuration details:

$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-created" X_SSAPI_KEY="YOUR-API-KEY" dotnet run

An example is included below for reference:

$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" dotnet run

If your client is successfully subscribed to the events, you should see similar output in your terminal:

Subscribed to the following events: [ 'vulnerability-created' ]

Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.

You can now work on your integration code to start actioning these events. Open Program.cs with a text editor from your client directory. Your code will replace the following section within this file:

/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-created */
/* params contains the event body e.g. JSON object with timestamp & vulnerability details */

Java

Java Prerequisites

In order to subscribe to this event using the Java client, you must have:

  • OpenJDK 11 installed

  • Maven installed

  • A working Java client (see Setting Up Your Client for details).

Client configuration

Open a terminal and navigate to the client directory.

From the client directory, run the following command, substituting the variables below with your configuration details:

$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-created" X_SSAPI_KEY="YOUR-API-KEY" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar

An example is included below for reference:

$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar

If your client is successfully subscribed to the events, you should see similar output in your terminal:

Subscribed to the following events: [ 'vulnerability-created' ]

Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.

You can now work on your integration code to start actioning these events. Open ./src/main/java/com/attackforge/App.java with a text editor from your client directory. Your code will replace the following section within this file:

/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-created */
/* params contains the event body e.g. JSON object with timestamp & vulnerability details */

Go

Go Prerequisites

In order to subscribe to this event using the Go client, you must have:

  • Go installed

  • A working Go client (see Setting Up Your Client for details).

Client configuration

Open a terminal and navigate to the client directory.

From the client directory, run the following command, substituting the variables below with your configuration details:

$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-created" X_SSAPI_KEY="YOUR-API-KEY" ./afe-ssapi-events-go-client

An example is included below for reference:

$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" ./afe-ssapi-events-go-client

If your client is successfully subscribed to this event, you should see similar output in your terminal:

Subscribed to the following events: [ 'vulnerability-created' ]

Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.

You can now work on your integration code to start actioning these events. Open main.go with a text editor from your client directory. Your code will replace the following section within this file:

/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-created */
/* params contains the event body e.g. JSON object with timestamp & vulnerability details */

Example Response

The event emitted will include the following information:

method: vulnerability-created
params:
{
  timestamp: 2021-01-01T00:00:00.000Z,
  data:
  {
    "vulnerability_id": "60fe2f7747d2c400306bd808",
    "vulnerability_alternate_id": "PROJECTX-1",
    "vulnerability_is_visible": true,
    "vulnerability_is_deleted": false,
    "vulnerability_created": "2021-01-01T03:43:51.665Z",
    "vulnerability_modified": "2021-01-01T03:43:51.665Z",
    "vulnerability_title": "ASP.NET Misconfiguration: Creating Debug Binary",
    "vulnerability_priority": "Info",
    "vulnerability_cvssv3_vector": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:R/CR:L/IR:L/AR:X/MAV:N/MAC:L/MPR:L/MUI:N/MS:C/MC:N/MI:X/MA:N",
    "vulnerability_cvssv3_base_score": "7.1",
    "vulnerability_cvssv3_temporal_score": "6.1",
    "vulnerability_cvssv3_environmental_score": "3.6",
    "vulnerability_status": "Open",
    "vulnerability_status_updated": "2021-01-01T03:43:51.665Z",
    "vulnerability_retest": "No",
    "vulnerability_likelihood_of_exploitation": 5,
    "vulnerability_steps_to_reproduce": "Lorem ipsum...",
    "vulnerability_steps_to_reproduce_HTML": "<..>Lorem ipsum...",
    "vulnerability_tags": [
      "CWE-11",
      "CAPEC-25"
    ],
    "vulnerability_is_zeroday": "No",
    "vulnerability_notes": [
      {
        "note": "Lorem ipsum...",
        "note_html": "<p>Lorem ipsum...</p>",
        "type": "PLAINTEXT/RICHTEXT"
      }
    ],
    "vulnerability_description": "Lorem ipsum...",
    "vulnerability_attack_scenario": "Lorem ipsum...",
    "vulnerability_remediation_recommendation": "Lorem ipsum...",
    "vulnerability_remediation_notes": [
      {
        "note": "...",
        "created": "...",
        "created_by": "..."
      }
    ],
    "vulnerability_affected_asset_name": "attackforge.com",
    "vulnerability_affected_asset_id": "60d59ce05e2fc4002f1f0b0d",
    "vulnerability_affected_asset_library_id": "60d59ce05e2fc4002f1f0b0e",
    "vulnerability_affected_asset_library_external_id": "Lorem ipsum...",
    "vulnerability_affected_assets": [
      {
        "asset": {
          "id": "60d59ce05e2fc4002f1f0b0d",
          "name": "...",
          "library_id": "...",
          "library_external_id": "...",
          "custom_fields": [
            { 
              "key": "...",
              "value": "...",
              "type": "Field"
            }
          ]
        },
        "notes": [
          "..."
        ],
        "tags": [
          "..."
        ],
        "actioned": true,
        "components": [
          {
            "name": "...",
            "notes": [
              "..."
            ],
            "tags": [
              "..."
            ]
          }
        ]
      }
    ],
    "vulnerability_projects" : [
      {
        "code" : "...",
        "custom_fields" : [
          {
             "key" : "...",
             "type" : "Field/Tag",
             "value" : "..."
          }
        ],
        "groups": [
          {
             "id": "60d59ce05e2fc4002f1r1B1p", 
             "name": "US Technology Group"
          }
        ],
        "id" : "...",
        "name" : "..."
      }
    ],
    "vulnerability_discovered_by": "Bruce Wayne",
    "vulnerability_evidence": [
      {
        "file_name": "screenshot.png",
        "file_name_custom": "exploit1.png",
        "storage_name": "123hkjas...",
        "file_type": "image/png",
        "file_size_kb": "6480"
      }
    ],
    "vulnerability_custom_fields": [
      {
        "key": "...",
        "value": "...",
        "type": "Tag/Field"
      }
    ],
    "vulnerability_library_custom_fields": [
      {
        "key": "...",
        "value": "...",
        "type": "Tag/Field"
      }
    ],
    "vulnerability_affected_asset_custom_fields": [
      {
        "key": "...", 
        "value": "..."
      }
    ],
    "vulnerability_sla": "...",
    "vulnerability_release_date": "...",
    "vulnerability_target_remediation_date": "..."
  }
}
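
The following is an added example, not part of AttackForge's client code: a NodeJS handler for the integration section of index.js that treats the event body as untrusted input, validates it, de-duplicates by vulnerability_id and escapes text before it is forwarded. Field names come from the example response above; the function name triageEvent, the 7.0 score threshold, the "Yes" zero-day value and the returned ticket shape are assumptions.

```javascript
// Added example (not AttackForge's client code). Field names come from the example
// response; thresholds, the "Yes" zero-day value and the ticket shape are assumptions.
const seenIds = new Set();            // in-memory dedupe of processed vulnerability_ids
const ID_RE = /^[A-Za-z0-9]{1,64}$/;  // assumption: ids are short alphanumeric strings

// Escape text before it is placed into an HTML-rendering ticket or chat system.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));
}

// Returns { action: 'ignore' | 'reject' | 'duplicate' | 'page' | 'ticket', ... }.
function triageEvent(method, params) {
  if (method !== 'vulnerability-created') return { action: 'ignore' };
  const v = params && params.data;
  if (!v || typeof v !== 'object') return { action: 'reject', reason: 'missing data' };
  if (typeof v.vulnerability_id !== 'string' || !ID_RE.test(v.vulnerability_id)) {
    return { action: 'reject', reason: 'bad vulnerability_id' };
  }
  if (v.vulnerability_is_deleted === true) return { action: 'ignore' };
  if (seenIds.has(v.vulnerability_id)) return { action: 'duplicate' };

  // Scores arrive as strings ("7.1"); accept only numbers inside the CVSS range 0-10.
  const raw = v.vulnerability_cvssv3_base_score;
  const score = typeof raw === 'string' && raw.trim() !== '' ? Number(raw) : NaN;
  const valid = score >= 0 && score <= 10; // false for NaN and Infinity
  const urgent = (valid && score >= 7.0) || v.vulnerability_is_zeroday === 'Yes';

  seenIds.add(v.vulnerability_id);
  return {
    action: urgent ? 'page' : 'ticket',
    id: v.vulnerability_id,
    ref: escapeHtml(v.vulnerability_alternate_id || ''),
    // Use the plain-text fields and escape them; the *_HTML fields are not forwarded.
    title: escapeHtml(String(v.vulnerability_title || '').slice(0, 200)),
    asset: escapeHtml(v.vulnerability_affected_asset_name || ''),
    score: valid ? score : null,
  };
}

// Constructed sample event, trimmed from the example response above.
const sampleEvent = { timestamp: '2021-01-01T00:00:00.000Z', data: {
  vulnerability_id: '60fe2f7747d2c400306bd808', vulnerability_alternate_id: 'PROJECTX-1',
  vulnerability_is_deleted: false, vulnerability_is_zeroday: 'No',
  vulnerability_title: 'ASP.NET Misconfiguration: Creating Debug Binary',
  vulnerability_priority: 'Info', vulnerability_cvssv3_base_score: '7.1',
  vulnerability_affected_asset_name: 'attackforge.com' } };
const sampleResult = triageEvent('vulnerability-created', sampleEvent);
console.log(sampleResult);
```

The sample is labelled "Info" in vulnerability_priority yet carries a 7.1 base score, so routing on the score alone pages it; decide which field your process treats as authoritative.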
