LogoLogo
  • AttackForge Support
  • Release Notes
    • 2025
    • 2024
    • 2023
    • 2022
    • 2021
    • 2020
    • 2019
  • Core & Enterprise
    • Getting Started
      • How It Works
      • Requesting A Project
      • Creating & Updating Projects
      • Invite User To Project
      • View Project Team
      • Project Scope
      • Project Workspace
      • Project Notes
      • Project Pages
      • Test Cases
      • Creating Vulnerabilities
      • Updating Vulnerabilities
      • Review & QA
      • Attack Chains
      • Reporting
      • Retesting & Remediation
      • Notifications
      • Custom Fields & Forms
      • Vulnerability SLAs
      • User Settings
      • Login Redirects
    • Modules
      • Dashboard
      • Analytics
      • Vulnerabilities
      • Projects
      • Scheduling
      • Portfolios
      • Groups
      • Attack Chains
      • Assets
      • Writeups
      • Test Suites
      • Report Templates
        • Overview
        • Tutorial
        • Tips & Tricks
        • Troubleshooting
        • Template - Report Templates
        • Template - Tags
        • Template - Options
        • Template - Functions
        • Template - Filters
        • Template - Styles
        • Template - Tables
        • Template - Charts
        • Template - Conditions
        • ReportGen CLI
        • ReportGen Library
      • Users
      • Administration
      • Flows
      • Self-Service RESTful API
        • GETTING STARTED
        • EXPORTING TO CSV
        • ADVANCED QUERY FILTER
        • ActivateUser
        • AddProjectMembershipAdministrators
        • AddTestcaseToTestsuite
        • AddTestcasesToTestsuite
        • AddUserToGroup
        • ApproveProjectRequestById
        • ArchivePortfolio
        • ArchiveProject
        • CancelProjectRetestRound
        • CloneProject
        • CompleteProjectRetestRound
        • CreateAssetInLibrary
        • CreateGroup
        • CreatePortfolio
        • CreateProject
        • CreateProjectNote
        • CreateProjectRequest
        • CreateProjectTestCase
        • CreateProjectWorkspaceNote
        • CreateRemediationNote
        • CreateScope
        • CreateTestcaseNote
        • CreateTestsuite
        • CreateUser
        • CreateUsers
        • CreateVulnerability
        • CreateVulnerabilityBulk
        • CreateVulnerabilityLibraryIssue
        • CreateVulnerabilityWithLibrary
        • DeactivateUser
        • DownloadProjectTestCaseFile
        • DownloadProjectTestCaseNoteFile
        • DownloadProjectTestCaseWorkspaceNoteFile
        • DownloadVulnerabilityEvidence
        • DownloadVulnerabilityLibraryFile
        • DownloadWorkspaceFile
        • GetApplicationAuditLogs
        • GetAssets
        • GetAssetsByGroup
        • GetAssetInLibrary
        • GetAssetsInLibrary
        • GetCustomFieldsConfig
        • GetFormConfig
        • GetGroup
        • GetGroups
        • GetMostCommonVulnerabilities
        • GetMostFailedTestcases
        • GetMostVulnerableAssets
        • GetPortfolio
        • GetPortfolios
        • GetPortfolioStream
        • GetProjectAuditLogs
        • GetProjectById
        • GetProjects
        • GetProjectsAndVulnerabilities
        • GetProjectsByGroup
        • GetProjectMembershipAdministrators
        • GetProjectNotes
        • GetProjectReport
        • GetProjectReportData
        • GetProjectRequests
        • GetProjectRequestById
        • GetProjectTestcasesById
        • GetProjectVulnerabilitiesById
        • GetProjectWorkspace
        • GetTestsuiteById
        • GetTestsuites
        • GetUserByEmail
        • GetUserById
        • GetUserByUsername
        • GetUserAuditLogs
        • GetUserGroups
        • GetUserLoginHistory
        • GetUserProjects
        • GetUsers
        • GetVulnerabilityById
        • GetVulnerabilities
        • GetVulnerabilitiesByAssetName
        • GetVulnerabilitiesByGroup
        • GetVulnerabilityLibraryIssues
        • GetVulnerabilityRevisionHistory
        • InviteUserToProject
        • InviteUsersToProjectTeam
        • RejectProjectRequestById
        • RegenerateAPIKey
        • RemoveProjectMembershipAdministrators
        • RemoveProjectTeamMembers
        • RequestNewProjectRetest
        • RestoreProject
        • SendEmail
        • SendDailyCommencementEmail
        • SendDailyCompletionEmail
        • UpdateAssetInLibrary
        • UpdateCustomFieldsConfig
        • UpdateExecSummaryNotes
        • UpdateFormConfig
        • UpdateGroup
        • UpdatePortfolio
        • UpdateProjectById
        • UpdateProjectMembershipAdministrators
        • UpdateProjectNote
        • UpdateProjectRequestById
        • UpdateProjectRetestRound
        • UpdateProjectWorkspaceNote
        • UpdateScope
        • UpdateTestcase
        • UpdateTestcaseOnTestsuite
        • UpdateTestsuite
        • UpdateUserAccessOnGroup
        • UpdateUserAccessOnProject
        • UpdateUser
        • UpdateVulnerabilityById
        • UpdateVulnerabilityLibraryIssue
        • UpdateVulnerabilitySLAs
        • UpdateVulnerabilityWithLibrary
        • UploadTestcaseFile
        • UploadVulnerabilityEvidence
        • UploadVulnerabilityLibraryFile
        • UploadWorkspaceFile
      • Self-Service Events API
        • GETTING STARTED
        • Project Created
        • Project Updated
        • Project Request Created
        • Project Request Updated
        • Project Retest Requested
        • Project Retest Completed
        • Project Retest Cancelled
        • Vulnerability Created
        • Vulnerability Updated
        • Vulnerability Evidence Created
        • Vulnerability Evidence Updated
        • Vulnerability Remediation Note Created
        • Vulnerability Remediation Note Updated
    • AFScript
    • Access Control Matrix
    • Raising Support Tickets
    • Security
  • Contact
Powered by GitBook

Check YouTube for more tutorials: https://youtube.com/@attackforge

On this page
  • Parameters
  • Headers
  • Query
  • Example
  • Request
  • Response
  1. Core & Enterprise
  2. Modules
  3. Self-Service RESTful API

GetProjectsAndVulnerabilities

This method can be used for the following:

  • Get details for all projects (and their vulnerabilities) you have access to, with optional filter;

  • This API returns maximum of twenty (20) projects per request. Use skip filter for pagination.

  • Returned projects are sorted by created timestamp in descending order, i.e. latest created projects show first.

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

GET /api/ss/projects-and-vulnerabilities
HTTP/1.1Host: localhost:3000
X-SSAPI-KEY: APIKey
Content-Type: application/jsonConnection: close

Query

skip (number) (optional)

This API returns maximum of twenty (20) projects per request. Use this filter to adjust starting index for pagination.

Example:

GET /api/ss/projects-and-vulnerabilities?skip=20 HTTP/1.1

created (string) (optional)

Project created date to query projects from. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.

Example:

GET /api/ss/projects-and-vulnerabilities?created=2021-06-03T00:00:00.000Z HTTP/1.1

altCustomFields (boolean) (optional)

Returns custom fields and custom tags in alternative format.

Example:

"vulnerability_custom_fields": {
  "fields": {
    "key": "value"
  },
  "tags": {
    "key": "value"
  }
}

Example:

GET /api/ss/projects-and-vulnerabilities?altCustomFields=true HTTP/1.1

q_project (string) (optional)

Provides options to query a custom selection of projects.

q_vulnerability (string) (optional)

Provides options to query a custom selection of vulnerabilities on the returned projects.

pendingVulnerabilities (boolean) (optional)

Return pending vulnerabilities only.

Example:

GET /api/ss/projects-and-vulnerabilities?pendingVulnerabilities=true HTTP/1.1

Example

The following example is a cURL request to get all projects and their vulnerabilities created since 1st January 2022.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.

curl -X GET 'https://localhost:3000/api/ss/projects-and-vulnerabilities?created=2021-06-03T00:00:00.000Z' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close'

Response

Response contains an array of projects including an array of vulnerabilities for each project.

{
  "count": 999,
  "projects": [
    {
      "project_id": "...",
      "project_name": "...",
      "project_code": "...",
      "project_organization_code": "...",
      "project_vulnerability_code": "..."
      "project_groups": [
        {
          "id": "...",
          "name": "..." 
        }
      ],
      "project_status": "...",
      "project_extended_status": "...",
      "project_testing_progress": "100%",
      "project_on_hold": "...",
      "project_start_date": "...",
      "project_end_date": "...",
      "project_scope": [
        "..."
      ],
      "project_scope_details": [
        {
          "id": "...",
          "name": "...",
          "asset_id": "..."
        }
      ],
      "project_scoring": "...",
      "project_team_notifications": [
        "..."
      ],
      "project_admin_notifications": [
        "..."
      ],
      "project_start_stop_testing_email": "...",
      "project_start_stop_testing_email_additional_recipients": [
        "..."
      ],
      "project_new_vulnerability_email_type": "...",
      "project_new_vulnerability_email": "...",
      "project_new_vulnerability_email_additional_recipients": [
        "..."
      ],
      "project_forced_emails": [
        "..."
      ],
      "project_executive_summary": "...",
      "project_reporting_custom_fields": [
        { 
          "key": "...",
          "value": "...",
          "type": "Tag/Field"
        }
      ],
      "project_attack_chains": [
        {
          "total": 999
        }
      ],
      "project_team": [
        {
          "id": "...",
          "user_id": "...", 
          "first_name": "...", 
          "last_name": "...", 
          "access_level": "...", 
          "role": "...", 
          "email_notifications": [
            "..."
          ], 
          "last_modified": "..."
        }
      ],
      "project_hold_history": [
        {
          "status": "...", 
          "reason": "...", 
          "created": "..."
        }
      ],
      "project_retests_requested": 999,
      "project_retests_completed": 999,
      "project_retesting_history: [
        {
          "retesting_round_id": "...",
          "retesting_round": 1,
          "retesting_round_status": "...",
          "retesting_round_actioned_by": {
            "user_id": "...",
            "user_first_name": "...",
            "user_last_name": "..."
          },
          "retesting_round_vulnerabilities": [
            {
              "vulnerability_id": "...",
              "vulnerability_alternate_id": "...",
              "vulnerability_title": "..."
            }
          ],
          "retesting_window_end": "...",
          "retesting_window_start": "...",
          "retesting_round_retested_vulnerabilities": [
            {
              "vulnerability_id": "...",
              "vulnerability_alternate_id": "...",
              "vulnerability_title": "..."
            }
          ]
        }
      ],
      "project_streams": [
        {
          "id": "...",
          "name": "...",
          "stream_portfolios": [
            {
              "id": "...",
              "name": "...",
            }
          ]
        }
      ],
      "project_total_assets": 999,
      "project_total_testcases": 999,
      "project_not_tested_testcases": 999,
      "project_in_progress_testcases": 999,
      "project_tested_testcases": 999,
      "project_not_applicable_testcases": 999,
      "project_total_vulnerabilities": 999,
      "project_open_vulnerabilities": 999,
      "project_closed_vulnerabilities": 999,
      "project_retest_vulnerabilities": 999,
      "project_critical_vulnerabilities": 999,
      "project_critical_open_vulnerabilities": 999,
      "project_critical_ready_for_retest_vulnerabilities": 999,
      "project_critical_closed_vulnerabilities": 999,
      "project_high_vulnerabilities": 999,
      "project_high_open_vulnerabilities": 999,
      "project_high_ready_for_retest_vulnerabilities": 999,
      "project_high_closed_vulnerabilities": 999,
      "project_medium_vulnerabilities": 999,
      "project_medium_open_vulnerabilities": 999,
      "project_medium_ready_for_retest_vulnerabilities": 999,
      "project_medium_closed_vulnerabilities": 999,
      "project_low_vulnerabilities": 999,
      "project_low_open_vulnerabilities": 999,
      "project_low_ready_for_retest_vulnerabilities": 999,
      "project_low_closed_vulnerabilities": 999,
      "project_info_vulnerabilities": 999,
      "project_info_open_vulnerabilities": 999,
      "project_info_ready_for_retest_vulnerabilities": 999,
      "project_info_closed_vulnerabilities": 999,
      "project_zeroday_vulnerabilities": 999,
      "project_easily_exploitable_vulnerabilities": 999,
      "project_cwe_top_25_vulnerabilities": 999,
      "project_owasp_top_10_vulnerabilities": 999,
      "project_pending_vulnerabilities": 999,
      "project_testsuites": [
        {
          "id": "...",
          "name": "..."
        }
      ],
      "project_created": "...",
      "project_last_modified": "...",
      "project_custom_fields": [
        {
          "key": "...", 
          "value": "...", 
          "type": "Tag/Field"
        }
      ],
      "project_features": {
        "attack_chains": {
          "access": {
            "project_access_level": "...",
            "roles": [
              "..."
            ]
          },
          "enabled": true
        },
        "reporting": {
          "access": {
            "project_access_level": "...",
            "roles": [
              "..."
            ]
          },
          "enabled": true
        },
        "retesting": {
          "access": {
            "project_access_level": "...",
            "roles": [
              "..."
            ]
          },
          "enabled": true
        },
        "testcases": {
          "access": {
            "project_access_level": "...",
            "roles": [
              "..."
            ]
          }
        }
      },
      "project_pages": {
        "summary": {
          "access": {
            "edit_project_access_levels": [
              "..."
            ],
            "edit_roles": [
              "..."
            ],
            "upload_project_access_levels": [
              "..."
            ],
            "upload_roles": [
              "..."
            ],
            "view_project_access_levels": [
              "..."
            ],
            "view_roles": [
              "..."
            ]
          },
          "enabled": true,
          "custom_fields": [
            {
              "key": "...",
              "value": "...",
              "type": "Tag/Field"
            }
          ]
        }
      },
      "project_vulnerabilities":[
        {
          "vulnerability_id": "...",
          "vulnerability_alternate_id": "...",
          "vulnerability_created": "...",
          "vulnerability_modified": "...",
          "vulnerability_title": "...",
          "vulnerability_priority": "...",
          "vulnerability_cvssv3_vector": "...",
          "vulnerability_cvssv3_base_score": "...",
          "vulnerability_cvssv3_temporal_score": "...",
          "vulnerability_cvssv3_environmental_score": "...",
          "vulnerability_status": "...",
          "vulnerability_status_updated": "...",
          "vulnerability_retest": "...",
          "vulnerability_likelihood_of_exploitation": 10,
          "vulnerability_steps_to_reproduce": "...",
          "vulnerability_steps_to_reproduce_HTML": "...",
          "vulnerability_tags": [
            "..."
          ],
          "vulnerability_is_zeroday": "...",
          "vulnerability_notes": [
            {
              "id": "...",
              "note": "...",
              "note_html": "...",
              "type": "PLAINTEXT/RICHTEXT"
            }
          ],
          "vulnerability_description": "...",
          "vulnerability_attack_scenario": "...",
          "vulnerability_remediation_recommendation": "...",
          "vulnerability_remediation_notes": [
            {
              "note": "...",
              "note_html": "...",
              "created": "...",
              "created_by": "..."
            }
          ],
          "vulnerability_affected_asset_name": "...",
          "vulnerability_affected_asset_id": "...",
          "vulnerability_affected_asset_library_id": "...",
          "vulnerability_affected_asset_library_external_id": "...",
          "vulnerability_affected_assets": [
            {
              "asset": {
                "id": "...",
                "name": "...",
                "library_id": "...",
                "library_external_id": "...",
                "custom_fields": [
                  { 
                    "key": "...",
                    "value": "...",
                    "type": "Field"
                  }
                ],
              },
              "notes": [
                "..."
              ],
              "tags": [
                "..."
              ],
              "actioned": true,
              "components": [
                {
                  "name": "...",
                  "notes": [
                    "..."
                  ],
                  "tags": [
                    "..."
                  ]
                }
              ]
            }
          ],
          "vulnerability_discovered_by": "...",
          "vulnerability_evidence": [
            {
              "file_name": "...",
              "file_name_custom": "...", 
              "storage_name": "...",
              "file_type": "...",
              "file_size_kb": "..."
            }
          ],
          "vulnerability_library_files": [
            {
              "file_name": "...",
              "file_name_custom": "...",
              "storage_name": "...",
              "file_type": "...",
              "file_size_kb": "..."
            }
          ],
          "vulnerability_custom_fields": [
            {
              "key": "...", 
              "value": "...", 
              "type": "Tag/Field"
            }
          ],
          "vulnerability_library_custom_fields": [
            {
              "key": "...", 
              "value": "...", 
              "type": "Tag/Field"
            }
          ],
          "vulnerability_affected_asset_custom_fields": [
            {
              "key": "...", 
              "value": "..."
            }
          ],
          "vulnerability_sla": "...",
          "vulnerability_release_date": "...",
          "vulnerability_target_remediation_date": "...",
          "vulnerability_user": {
            "user_id": "...",
            "first_name": "...",
            "last_name": "..."
          },
          "vulnerability_testcases": ["..."]
        }
      ]
    }
  ]
}
PreviousGetProjectsNextGetProjectsByGroup

Last updated 1 month ago

Please visit the following link for more details on how to use this filter:

Please visit the following link for more details on how to use this filter:

https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/advanced-query-filter
https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/advanced-query-filter