criminal-ip-asm-domain-assets
Get domain assets from Criminal IP ASM service.
criminal-ip-asm-domain-assets [profile=PROFILE] [domain=DOMAIN] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]
- profile=PROFILE
- Connect profile code of Criminal IP ASM.
- domain=DOMAIN
- 도메인 지정 시 해당 도메인의 서브 도메인 목록을 반환하고, 미지정 시 Apex 도메인 목록을 반환합니다.
- duration=NUM{mon|w|d|h|m|s}
- Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example,
10smeans data from 10 seconds earlier. - from=yyyyMMddHHmmss
- Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
- to=yyyyMMddHHmmss
- End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | Time | Registered time |
| risk | String | Risk | e.g. SAFE, LOW, MEDIUM, HIGH |
| domain | String | Domain | e.g. app.acme.com |
| group | String | Group name | e.g. AWS |
| tech_stack | String | Tech stack | e.g. Amazon Web Services,Amazon S3 |
| cve | String | CVE | Line separated CVE names |
| risk_count | Integer | Risk count | Number of risks |
| vuln_count | Integer | Vulnerability count | Number of known vulnerabilities |
| is_new | Bool | Is new | Registered in 7 days. |
| first_seen | Date | First seen | Convert UTC timestamp literal to Date type. |
| x509_expiry | Date | X.509 expiry | Expiration date of X.509 certificate. |
| x509_cipher | String | X.509 cipher | e.g. sha256WithRSAEncryption |
| seed_domain | String | Seed domain | Seed domain for auto scanning |
| scan_percent | Integer | Scan percent | 0~100 or -2 |
| screenshot_url | String | Screenshot URL | |
| collection_method | String | Collection method | Automatically or Manual |
| description | String | Description | e.g. Automatically Registered from modusign.co.kr |
| endpoints | List | Endpoints | List of key-value pairs with ip and port. |