Writeups

Overview

AttackForge utilises centralized vulnerability writeup libraries which makes it fast & easy to create new vulnerabilities on your projects.

Every writeup acts as a template, which can then be re-used on projects. This means you only need to write the issue once - saving you hours of reporting time for every single project.

The libraries are separated into 4 areas:

  • Main Library

    • This is the primary source of your vulnerability write-ups/templates.

    • It contains 1300+ pre-loaded vulnerabilities that come with AttackForge. You can also add your own.

    • This library is shared by default, which means any user on a project with permissions to create vulnerabilities for the project, will be able to use any of the writeups in this library.

    • Access to this library can be restricted to certain roles, users or groups. For more information please check your Admin Configuration Options.

  • Imported Library

    • This is where you can find all of the vulnerabilities you have imported from various tools & scanners.

    • This library is shared by default, which means any user on a project with permissions to create vulnerabilities for the project, will be able to use any of the writeups in this library.

    • Access to this library can be restricted to certain roles, users or groups. For more information please check your Admin Configuration Options.

  • Project Library

    • This is where you can access writeups that are designated to specific projects.

    • This is useful if you have project-specific or sensitive data which you would like to seperate from the Main and Imported libraries which are shared libraries.

    • Only users with access to the project will be able to view and use writeups belonging to the project.

    • Access to this library can be restricted to certain roles, users or groups. For more information please check your Admin Configuration Options.

  • Custom Libraries

    • Access to this library can be restricted to certain roles, users or groups. For more information please check your Admin Configuration Options.

For details on access controls to the Writeups libraries - see Access Control Matrix

Creating a Writeup

To create a new writeup, click on New button. Selecting which library you wish to assign the vulnerability to - Main, Imported, Project or Custom.

If you select Imported - you will be required to enter additional information regarding to the source/tool where the vulnerability is being imported from.

If you select Project - you will be required to link the vulnerability to at least one (1) project. Only users with access to the linked project(s) will be able to use this write-up when creating a new vulnerability on the linked projects.

After you have selected the library, you can proceed to enter in the information relating to the vulnerability. You can also search for an existing write-up, which will pre-fill the fields for you to make it faster.

You can create a placeholder CVSS score which will be loaded when a user selects this vulnerability to add on their projects. This makes it easier to set a default score for vulnerabilities.

You can add tags and custom tags. This is useful if you are using sections within your custom reports, or exporting custom tags for vulnerabilities into your tools. You can enter any name and value for the custom tags.

Custom fields may be configured for your writeups. See this link for more details.

Updating Writeups

You can update or modify the write-ups at any time by clicking on Edit button for the writeup you wish to update.

!IMPORTANT: updates to write-ups will affect all linked vulnerabilities on all linked projects.

Custom Libraries

Admins can configure custom libraries with access controls.

All Writeups

This is where you can see all writeups in AttackForge. It is restricted to Admin users only.

Archived Writeups

This is where you can see all archived writeups in AttackForge. It is restricted to Admin users only.

You can archive a writeup by using the actions menu and selecting Archive. Any writeups you archive from the library will be relocated to the Archived Vulnerabilities section and will no longer be selectable on projects for new vulnerabilities or changes to existing vulnerabilities.

However, archived writeups will still be referenced on existing projects - so that the integrity of vulnerabilities on a project remains in-tact.

Admins can restore writeups if required to do so.

Moving Writeups Between Libraries

You can move writeups between libraries by first selecting the writeups, then clicking on Reassign from the actions menu.

Select the option for the library you would like to assign the vulnerabilities to.

Importing Writeups

You can import additional vulnerability knowledge-bases that AttackForge team has prepared and made available on our GitHub: https://github.com/AttackForge/Writeups

MITRE

Start by clicking on New -> Import Writeups.

Select a import source:

  • AttackForge Community - you can export your writeups in AttackForge Community, and import them into your AttackForge Core/Enterprise.

  • JSON - generic JSON import option. Includes a template file to help with preparing your data file for import.

  • CSV - generic CSV import option. Includes a template file to help with preparing your data file for import.

Select the writeups you would like to import.

You can make changes to the writeups prior to import.

Select which library you would like to import the writeups into.

Receive updates on import progress.

PreviousAssetsNextTest Suites

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge