Writeups
Last updated
Last updated
Check YouTube for more tutorials: https://youtube.com/@attackforge
AttackForge utilizes centralized vulnerability writeup libraries which makes it fast & easy to create new vulnerabilities on your projects.
Writeups act as a knowledge-base to make creation to vulnerabilities quick and easy.
Writeups are linked to vulnerabilities. They are not copied to vulnerabilities. This is important as it means every vulnerability has a direct relationship to its writeup. This is useful to:
Ensure changes to a writeup (improved recommendations, spelling mistakes, etc.) gets propagated to all linked vulnerabilities.
Speed up the quality review process during a pentest, in conjunction with access controls.
Be able to properly determine unique vulnerabilities.
Every writeup acts as a template, which can then be re-used on projects. This means you only need to write the issue once - saving you hours of reporting time for every single project.
The Writeups Libraries
are separated into four (4) areas:
This is the primary source of your vulnerability writeups.
It contains 1500+ pre-loaded writeups from MITRE CWE and MITRE CAPEC that come with AttackForge. You can also add your own.
This library is shared by default, which means any user on a project with permissions to create vulnerabilities for the project, will be able to use any of the writeups in this library.
Access to this library can be restricted to certain roles, users or groups via Administration module.
This is where you can find all of the writeups you have imported from various tools & scanners.
This library is shared by default, which means any user on a project with permissions to create vulnerabilities for the project, will be able to use any of the writeups in this library.
Access to this library can be restricted to certain roles, users or groups via Administration module.
This is where you can access writeups that are designated to specific projects.
This is useful if you have project-specific or sensitive data which you would like to seperate from the Main and Imported libraries which are shared libraries.
Only users with access to the project will be able to view and use writeups belonging to the project.
Access to this library can be restricted to certain roles, users or groups via Administration module.
You can create custom libraries to suite your own needs. For example, you can create libraries for specific types of tests, or libraries for individual teams or testers, or libraries for particular technologies.
Access to this library can be restricted to certain roles, users or groups via Administration module.
For details on access controls to the Writeups libraries - see Access Control Matrix
!IMPORTANT: Users without Edit access to any Writeups libraries will not be able to import vulnerabilities on a project.
To create a new writeup, click on New
button.
Selecting which library you wish to assign the writeup to - Main
, Imported
, Project
or Custom
.
If you select Imported
- you will be required to enter additional information regarding to the source/tool where the writeup is being imported from.
If you select Project
- you will be required to link the vulnerability to at least one (1) project. Only users with access to the linked project(s) will be able to use this writeup when creating a new vulnerability on the linked projects.
After you have selected the library, you can proceed to enter in the information relating to the writeup. You can also search for an existing writeup, which will pre-fill the fields for you to make it faster.
You can create a placeholder CVSS
score which will be loaded when a user selects this writeup when creating a vulnerability on their project. This makes it easier to set a default score for vulnerabilities.
You can add tags and custom tags. This is useful if you are using sections within your custom reports, or exporting custom tags for vulnerabilities into your tools. You can enter any name and value for the custom tags.
Custom fields may be also be configured for your writeups. See this link for more details.
We're excited to be the first Pentest Management Platform to release a Secure Code Learning collaboration with SecDim - Dev-Native Attack & Defence Wargames.
With the power 💪 of SecDim and AttackForge, you can:
Explore a real vulnerability in a cloud native app. Debug and verify if your security patch can remediate the vulnerability
Train developers on how to fix vulnerabilities identified in their applications, during a pentest
Collaborate between engineers and security teams on how to best remediate vulnerabilities
Improve retesting pass rates for discovered vulnerabilities
Test your knowledge on how to fix common vulnerabilities and measure your effectiveness
Every Sandbox comes with a security test suite to simulate the exploitation of the vulnerability.
Sandboxes are integrated with git
so you can save your progress and pick it up again where you left off.
SecDim's catalogue is extensive, covering everything from AI, GraphQL, React, Kubernetes, to Web3. You can test your skills against modern security vulnerabilities inspired by real-world issues.
Each sandbox is deployed in a secure isolated Cloud Development Environment directly in your browser. You can debug, patch and test your code as if you were building an app.
Start by learning more about this integration, and when ready - switch the integration on.
Search SecDim's catalogue of vulnerable sandboxes which you can link to your Writeups.
When you create a vulnerability on a project, users will be able to see the linked SecDim sandboxes and launch a sandbox to get started.
You can update or modify the writeups at any time by clicking on Edit
button for the writeup you wish to update.
!IMPORTANT: updates to write-ups will affect all linked vulnerabilities on all linked projects.
You can create custom libraries to suite your own needs. For example, you can create libraries for specific types of tests, or libraries for individual teams or testers, or libraries for particular technologies.
Custom Libraries can be configured from the Administration module.
These are all of the Writeups which you have created.
This is where you can see all writeups you have access to.
This is where you can see all archived writeups in AttackForge. It is restricted to Admin users only.
You can archive a writeup by using the actions menu and selecting Archive
. Any writeups you archive from the library will be relocated to the Archived Writeups section and will no longer be selectable on projects for new vulnerabilities or changes to existing vulnerabilities.
However, archived writeups will still be referenced on existing projects - so that the integrity of vulnerabilities on a project remains in-tact.
Admins can restore writeups if required to do so.
You can move writeups between libraries by first selecting the writeups, then clicking on Reassign
from the actions menu.
Select the option for the library you would like to assign the vulnerabilities to.
You can import additional vulnerability knowledge-bases that AttackForge team has prepared and made available on our GitHub: https://github.com/AttackForge/Writeups
Start by clicking on New -> Import Writeups
.
Select a import source:
AttackForge Community - you can export your writeups in AttackForge Community, and import them into your AttackForge Core/Enterprise.
JSON - generic JSON import option. Includes a template file to help with preparing your data file for import.
CSV - generic CSV import option. Includes a template file to help with preparing your data file for import.
Select the writeups you would like to import.
You can make changes to the writeups prior to import.
Select which library you would like to import the writeups into.
Receive updates on import progress.