2023
AttackForge Version 2 is now generally available for Enterprise and Core customers!
AttackForge Version 2 sets an even higher benchmark for Pentest Management Platforms; further improving the way security and engineering teams, service providers, and customers interact and collaborate with each other on pentesting projects and programs.

We have redesigned the user interface to make it simpler to perform daily tasks, whilst providing more flexibility when you need it.
We have also made significant improvements to address feedback from customers over the years.
Some of the changes to AttackForge include:
- Overall improvements to efficiency of daily workflows for pentesters, security managers, engineering and application teams.
- Redesigned user interface to make it faster and easier to perform many tasks, and addressed many previously reported limitations of the version 1 interface.
- Lays the framework for many of the future roadmap enhancements we have planned for AttackForge.
- Reduced the number of screens and clicks required to perform many workflows.
- Performance improvements when using the application.
- Analytics has been improved to provide more information and comparison options.
- Portfolios has been redesigned to make it easier to track and analyze different portfolios and streams.
- Projects have been overhauled to have new dashboards; easy-to-access options; new quick actions; modals for easy data entry and access to data.
- New Vulnerabilities module, providing greater insights into your vulnerabilities.
- Administration has been redesigned to make it easier to apply configuration options.
- Self-service API documentation is now Open API v3 compliant, including more API reference documentation inside the application.
- More options in more places, e.g., you can archive/clone projects from multiple areas, download reports from multiple areas, etc.
- Addressed feedback on wording and terminology to make the user interface more consistent.
- New user interface components for rich-text editors, tables, dashboards, menus, forms, etc.
- And much more!



Our Support Centre has been updated for version 2.
You can find more information at https://support.attackforge.com/attackforge-enterprise/getting-started
We have just released version 2.5 for AttackForge ReportGen: The ultimate pentest reporting tool!
This release includes six (6) new filters; three (3) new functions; and updates to existing filters.

You can use the new resize filter to resize images. It works by setting a max-width value in pixels. The height is adjusted automatically to preserve the aspect ratio.
Example resizing images in Steps to Reproduce (Proof of Concept) to 300 pixels wide:
{#vulnerabilities}
{#affected_assets}
{#proof_of_concept}
{%inlineScreenshot | resize:["300"]}
{/}{/}{/}
Example resizing images in styled Steps to Reproduce (Proof of Concept) to 300 pixels wide:
{#vulnerabilities}
{#affected_assets}
{@proof_of_concept_styled | resize:["300"]}
{/}{/}
You can use the new replace filter to replace data.
For example, if an asset name is https://application.com and you want to remove the https:// part, so it appears as follows: application.com
You could do the following:
{#vulnerabilities}
{#affected_assets}
{asset | replace:["https://",""]}
{/}{/}
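You can use the new replaceRegExp filter with a regular expression to replace data.
For example, to remove everything from the first question mark (?) onwards in an asset name, you could do the following: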
{#vulnerabilities}
{#affected_assets}
{asset | replaceRegExp:["[?].*",""]}
{/}{/}
You can use the new split filter to split data on a separator and return a list of items.
For example, assuming you have tags in this format: tag1:value
And you only want to show the right-hand-side (value), you could do the following:
{#vulnerabilities}
{#tags}
{$declare[tagSplitCounter][0]}
{#this | split:[":"]}
{#$greaterThan[tagSplitCounter][0]}{.}{/}
{#$equals[tagSplitCounter][0]}{$increment[tagSplitCounter][1]}{/}
{/}{/}{/}
This example makes use of this filter to split the tag based on colon (:) as the separator. It also uses functions as a way to instruct the logic to skip over the first iteration of the loop (tag1) and then print everything after that (value).
You can use the splitRegExp filter to split data on a regular expression separator and return a list of items.
For example, if you wanted to only display the 1st paragraph of the vulnerability description, you could do the following:
{#vulnerabilities}
{title}
{$declare[SplitDecriptionOnParagraph][1]}
{#description | splitRegExp:["\n\n"]}
{#$lessThanOrEqual[SplitDecriptionOnParagraph][1]}{.}{/}{$increment[SplitDecriptionOnParagraph][1]}
{/}{/}
You can use the new trim filter to trim the whitespace before and after a tag as follows:
{#title | trim}
We have updated the Includes and Excludes filters to include support for Scope and Variables.
Includes Scope Example:
{#projectCustomFields}
{#customer_name}
{#projectGroups}
{#name | includes:["%(../customer_name)"]}
Customer {customer_name} has access to this project.
{/}{/}{/}{/}
Includes Variables Example:
{$declare[CustomerName][""]}
{#projectCustomFields}
{#customer_name}
{$assign[CustomerName]["%(customer_name)"]}
{/}{/}
{#projectGroups}
{#name | includes:["$(CustomerName)"]}
Customer {$value[CustomerName]} has access to this project.
{/}{/}
You can use the new $includes function to check if a value exists or does not exist (excludes) within a variable.
To check if data exists:
{#$includes[variable][value]}{/}
To check if data does not exist (excludes):
{^$includes[variable][value]}{/}
The following example creates a unique list of affected asset names, then prints the list.
{$declare[UniqueAssets][[]]}
{#vulnerabilities}
{#affected_assets}
{^$includes[UniqueAssets]["%(asset)"]}
{$push[UniqueAssets]["%(asset)"]}
{/}{/}{/}
{#$value[UniqueAssets]}
{.}
{/}
You can use the new $append function to append data to an existing variable.
{$append[variable][value]}
Example below will create a new variable, then append the vulnerability title to it.
{$declare[VulnTitle]["Title: "]}
{#vulnerabilities[0]}
{$append[VulnTitle]["%(./)"]}
{/}
{$value[VulnTitle]}
You can use the new $sort function to sort the data within a variable.
To observe the variables available for sorting - use the $help function.
Example 1: Sort A List
{#$sort[UniqueAffectedEndpoints][":asc"]}{/}
Example 2: Single-Key Sort
{#$sort[UniqueAffectedEndpoints]["af_sys_affected_endpoint:desc"]}{/}
Example 3: Multi-Key Sort
{#$sort[UniqueOWASPTop10Vulns]["priority:asc","title:desc"]}{/}
Sometimes vulnerabilities are assigned for retesting, only to discover that engineers have jumped the gun and further adjustments might be needed before they are retested.
Customers/Engineers can now reassign vulnerabilities as Not Ready for Retesting in such cases.

Assignment of vulnerabilities as Ready for Retesting and Not Ready for Retesting can now be applied in bulk by customers.

The project request form is an integral part of the pentest project lifecycle. It is the important first step of the process, where customers can request a new project or assessment.
We have now made it possible to add hide conditions against the system fields.
This means you can extend the logic of your project request form to customise when and how the system fields are displayed during a new project request.
This provides more personalisation and better user experience for your customers.
Following on from the enhancement above, we have taken this one step further and now support the ability to disable all system fields in the project request form, if desired.
This allows you to create a fully custom project request form, tailored to your needs, without any implicit fields for your customers to complete.


In this release, we have improved our Self-Service REST APIs to provide more flexibility and options when interacting with AttackForge.
This endpoint can be used to clone an existing project. This is an effective way to:
- Prepare for a new round of testing
- Track vulnerabilities for specific assets across projects
- Focus retesting on open vulnerabilities
When cloning a project, the new project will get access to:
- Project settings, which can be adjusted for the new project - this includes name, codes, test suites, scope, email templates, portfolios, custom fields & project team
- Project workspace, including all notes & files previously uploaded / created (OPTIONAL)
- Project notes previously created (excluding private notes) (OPTIONAL)
- Executive summary, including uploaded files (OPTIONAL)
You can also select which vulnerabilities (if any) you would like to carry forward into the new project. This is useful for performing a retest on existing vulnerabilities, as part of the new round of testing.
For full details on how to use this endpoint, please visit https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/cloneproject
We have added support for advanced query filtering for REST endpoints: GetVulnerabilities, GetProjectVulnerabilities, GetVulnerabilitiesByAssetName, GetVulnerabilitiesByGroup
Advanced query filtering is used to select the exact data set you would like the API to return. The filter works like a database query, where you can specify fields & operators - these help to narrow down the results to the data you would need. This filter is only supported for selected API endpoints. Please check the documentation for each endpoint for more details.
For example, you can use this filter to return:
Critical or High vulnerabilities only:
curl -G -X GET 'https://YOURAFETENANT/api/ss/vulnerabilities' --data-urlencode 'q={ priority: { $in: ["Critical", "High" ] } }' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***' -H 'Content-Type: application/json' -H 'Connection: close'
Open Critical or Open High vulnerabilities only:
curl -G -X GET 'https://YOURAFETENANT/api/ss/vulnerabilities' --data-urlencode 'q={ $and: [ { priority: { $in: [ "Critical", "High" ] } }, { status: { $eq: "Open" } } ] }' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***' -H 'Content-Type: application/json' -H 'Connection: close'
Critical or High Ready for Retest vulnerabilities only:
curl -G -X GET 'https://YOURAFETENANT/api/ss/vulnerabilities' --data-urlencode 'q={ $and: [ { priority: { $in: [ "Critical", "High" ] } }, { is_retest: { $eq: "Yes" } } ] }' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***' -H 'Content-Type: application/json' -H 'Connection: close'
Critical or High vulnerabilities discovered in past 24 hours:
curl -G -X GET 'https://YOURAFETENANT/api/ss/vulnerabilities' --data-urlencode 'q={ $and: [ { priority: { $in: [ "Critical", "High" ] } }, { status: { $eq: "Open" } }, { created: { $gte: datetime("now", "-1 days") } } ] }' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***' -H 'Content-Type: application/json' -H 'Connection: close'
The query filter supports the following operators:
- And
- Or
- Equals
- Not Equals
- In
- Not In
- Greater Than
- Greater Than or Equals
- Less Than
- Less Than or Equals
- Regular Expression
The query filter also supports a datetime function, which allows you to modify the time and date to suit your query requirements.
For example, you could ask it to show you all vulnerabilities in the past 24 hours or past 7 days; or filter all vulnerabilities with an SLA expiring in the next 24 hours or next 7 days.
For more information on how advanced query filtering works, please visit https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/advanced-query-filter
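Building the filter from script parameters, as an added example (not AttackForge's own code): the function below validates its inputs before placing them in the q expression, and the request passes the API key to curl on stdin rather than on the command line, where it would be visible in the process list and shell history. AF_TENANT and AF_API_KEY are assumed environment variable names, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumed names: AF_TENANT, AF_API_KEY, af_build_filter, af_get_vulns.

# Print a q filter: given priorities (comma-separated, no spaces) with the
# given status, created within the last N days.
af_build_filter() {
  local priorities status days list p old_ifs
  priorities=$1 status=$2 days=$3 list=
  # Accept only letters and digits so caller input cannot change the query structure.
  case $days in ''|*[!0-9]*|0*) echo "invalid days" >&2; return 1;; esac
  case $status in ''|*[!A-Za-z]*) echo "invalid status" >&2; return 1;; esac
  case $priorities in ''|*[!A-Za-z,]*|,*|*,|*,,*) echo "invalid priorities" >&2; return 1;; esac
  old_ifs=$IFS; IFS=,
  for p in $priorities; do
    list="${list:+$list, }\"$p\""
  done
  IFS=$old_ifs
  printf '{ $and: [ { priority: { $in: [ %s ] } }, { status: { $eq: "%s" } }, { created: { $gte: datetime("now", "-%s days") } } ] }' \
    "$list" "$status" "$days"
}

# Query the vulnerabilities endpoint with the validated filter.
af_get_vulns() {
  local filter
  filter=$(af_build_filter "$@") || return 1
  if [ -z "${AF_TENANT:-}" ] || [ -z "${AF_API_KEY:-}" ]; then
    echo "set AF_TENANT and AF_API_KEY" >&2; return 1
  fi
  # printf is a shell builtin and curl reads the header from stdin (--config -),
  # so the key never appears in any process's argument list.
  printf 'header = "X-SSAPI-KEY: %s"\n' "$AF_API_KEY" |
    curl --silent --show-error --fail --get --config - \
      --data-urlencode "q=$filter" "https://$AF_TENANT/api/ss/vulnerabilities"
}

# Example invocation: ./af_vulns.sh Critical,High Open 1
if [ "$#" -eq 3 ]; then
  af_get_vulns "$@"
fi
```
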
We have added support for querying projects by specific asset(s) which were in-scope for testing, for REST endpoint: GetProjects
This is useful if you need to analyze which projects a given asset was tested in, or whether it has not yet been tested.
The filter supports:
- exact name match
- partial name match
- case sensitive match
- case insensitive match
- single asset
- multiple assets
- any combination of the above
For more information, please visit https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getprojects