AttackForge
Search
K

GetProjectsAndVulnerabilities

This method can be used for the following:
  • Get details for all projects (and their vulnerabilities) you have access to, with optional filter;
  • This API returns maximum of twenty (20) projects per request. Use skip filter for pagination.
  • Returned projects are sorted by created timestamp in descending order, i.e. latest created projects show first.

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

GET /api/ss/projects-and-vulnerabilities
HTTP/1.1Host: localhost:3000
X-SSAPI-KEY: APIKey
Content-Type: application/jsonConnection: close

Query

skip (number) (optional)
This API returns maximum of twenty (20) projects per request. Use this filter to adjust starting index for pagination.
Example:
GET /api/ss/projects-and-vulnerabilities?skip=20 HTTP/1.1
created (string) (optional)
Project created date to query projects from. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
GET /api/ss/projects-and-vulnerabilities?created=2021-06-03T00:00:00.000Z HTTP/1.1
altCustomFields (boolean) (optional)
Returns custom fields and custom tags in alternative format.
Example:
"vulnerability_custom_fields": {
"fields": {
"key": "value"
},
"tags": {
"key": "value"
}
}
Example:
GET /api/ss/projects-and-vulnerabilities?altCustomFields=true HTTP/1.1
q_project (string) (optional)
Provides options to query a custom selection of projects.
Please visit the following link for more details on how to use this filter: https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/advanced-query-filter
q_vulnerability (string) (optional)
Provides options to query a custom selection of vulnerabilities on the returned projects.
Please visit the following link for more details on how to use this filter: https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/advanced-query-filter

Example

The following example is a cURL request to get all projects and their vulnerabilities created since 1st January 2022.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
curl -X GET 'https://localhost:3000/api/ss/projects-and-vulnerabilities?created=2021-06-03T00:00:00.000Z' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close'

Response

Response contains an array of projects including an array of vulnerabilities for each project.
{
"count": 999,
"projects": [
{
"project_id": "...",
"project_name": "...",
"project_code": "...",
"project_organization_code": "...",
"project_vulnerability_code": "..."
"project_groups": [
{
"id": "...",
"name": "..."
}
],
"project_status": "...",
"project_extended_status": "...",
"project_testing_progress": "100%",
"project_on_hold": "...",
"project_start_date": "...",
"project_end_date": "...",
"project_scope": [
"..."
],
"project_scoring": "...",
"project_team_notifications": [
"..."
],
"project_admin_notifications": [
"..."
],
"project_start_stop_testing_email": "...",
"project_start_stop_testing_email_additional_recipients": [
"..."
],
"project_new_vulnerability_email_type": "...",
"project_new_vulnerability_email": "...",
"project_new_vulnerability_email_additional_recipients": [
"..."
],
"project_forced_emails": [
"..."
],
"project_executive_summary": "...",
"project_attack_chains": [
{
"total": 999
}
],
"project_team": [
{
"id": "...",
"user_id": "...",
"first_name": "...",
"last_name": "...",
"access_level": "...",
"role": "...",
"email_notifications": [
"..."
],
"last_modified": "..."
}
],
"project_hold_history": [
{
"status": "...",
"reason": "...",
"created": "..."
}
],
"project_retests_requested": 999,
"project_retests_completed": 999,
"project_retesting_history: [
{
"retesting_round": 1,
"retesting_round_status": "...",
"retesting_custom_round_name": "...",
"retesting_custom_status_name": "...",
"retesting_round_actioned_by": {
"user_id": "...",
"user_first_name": "...",
"user_last_name": "..."
},
"retesting_round_vulnerabilities": [
{
"vulnerability_id": "...",
"vulnerability_alternate_id": "...",
"vulnerability_title": "...",
}
],
"created": "..."
}
],
"project_streams": [
{
"id": "...",
"name": "...",
"stream_portfolios": [
{
"id": "...",
"name": "...",
}
]
}
],
"project_total_assets": 999,
"project_total_testcases": 999,
"project_not_tested_testcases": 999,
"project_in_progress_testcases": 999,
"project_tested_testcases": 999,
"project_not_applicable_testcases": 999,
"project_total_vulnerabilities": 999,
"project_open_vulnerabilities": 999,
"project_closed_vulnerabilities": 999,
"project_retest_vulnerabilities": 999,
"project_critical_vulnerabilities": 999,
"project_critical_open_vulnerabilities": 999,
"project_critical_ready_for_retest_vulnerabilities": 999,
"project_critical_closed_vulnerabilities": 999,
"project_high_vulnerabilities": 999,
"project_high_open_vulnerabilities": 999,
"project_high_ready_for_retest_vulnerabilities": 999,
"project_high_closed_vulnerabilities": 999,
"project_medium_vulnerabilities": 999,
"project_medium_open_vulnerabilities": 999,
"project_medium_ready_for_retest_vulnerabilities": 999,
"project_medium_closed_vulnerabilities": 999,
"project_low_vulnerabilities": 999,
"project_low_open_vulnerabilities": 999,
"project_low_ready_for_retest_vulnerabilities": 999,
"project_low_closed_vulnerabilities": 999,
"project_info_vulnerabilities": 999,
"project_info_open_vulnerabilities": 999,
"project_info_ready_for_retest_vulnerabilities": 999,
"project_info_closed_vulnerabilities": 999,
"project_zeroday_vulnerabilities": 999,
"project_easily_exploitable_vulnerabilities": 999,
"project_cwe_top_25_vulnerabilities": 999,
"project_owasp_top_10_vulnerabilities": 999,
"project_pending_vulnerabilities": 999,
"project_testsuites": [
{
"id": "...",
"name": "..."
}
],
"project_created": "...",
"project_last_modified": "...",
"project_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"project_vulnerabilities":[
{
"vulnerability_id": "...",
"vulnerability_alternate_id": "...",
"vulnerability_created": "...",
"vulnerability_modified": "...",
"vulnerability_title": "...",
"vulnerability_priority": "...",
"vulnerability_cvssv3_vector": "...",
"vulnerability_cvssv3_base_score": "...",
"vulnerability_cvssv3_temporal_score": "...",
"vulnerability_cvssv3_environmental_score": "...",
"vulnerability_status": "...",
"vulnerability_status_updated": "...",
"vulnerability_retest": "...",
"vulnerability_likelihood_of_exploitation": 10,
"vulnerability_steps_to_reproduce": "...",
"vulnerability_steps_to_reproduce_HTML": "...",
"vulnerability_tags": [
"..."
],
"vulnerability_is_zeroday": "...",
"vulnerability_notes": [
{
"note": "...",
"note_html": "...",
"type": "PLAINTEXT/RICHTEXT"
}
],
"vulnerability_description": "...",
"vulnerability_attack_scenario": "...",
"vulnerability_remediation_recommendation": "...",
"vulnerability_remediation_notes": [
{
"note": "...",
"note_html": "...",
"created": "...",
"created_by": "..."
}
],
"vulnerability_affected_asset_name": "...",
"vulnerability_affected_asset_id": "...",
"vulnerability_affected_asset_library_id": "...",
"vulnerability_affected_asset_library_external_id": "...",
"vulnerability_affected_assets": [
{
"asset": {
"id": "...",
"name": "...",
"library_id": "...",
"library_external_id": "...",
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Field"
}
],
},
"notes": [
"..."
],
"tags": [
"..."
],
"actioned": true,
"components": [
{
"name": "...",
"notes": [
"..."
],
"tags": [
"..."
]
}
]
}
],
"vulnerability_discovered_by": "...",
"vulnerability_evidence": [
{
"file_name": "...",
"file_name_custom": "...",
"storage_name": "...",
"file_type": "...",
"file_size_kb": "..."
}
],
"vulnerability_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"vulnerability_library_custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"vulnerability_affected_asset_custom_fields": [
{
"key": "...",
"value": "..."
}
],
"vulnerability_sla": "...",
"vulnerability_release_date": "...",
"vulnerability_target_remediation_date": "...",
"vulnerability_user": {
"user_id": "...",
"first_name": "...",
"last_name": "..."
}
}
]
}
]
}