criminal-ip-asm-ip-assets
Get IP assets from Criminal IP ASM service.
criminal-ip-asm-ip-assets [profile=PROFILE] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]
- profile=PROFILE
- Connect profile code of Criminal IP ASM.
- duration=NUM{mon|w|d|h|m|s}
- Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example,
10smeans data from 10 seconds earlier. - from=yyyyMMddHHmmss
- Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
- to=yyyyMMddHHmmss
- End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | Connect profile code of Criminal IP ASM. |
| group | String | Group name | e.g. AWS |
| host_ip | IP address | IP address | IP address of the asset. |
| is_new | Bool | Is new | true if detected in 7 days. |
| is_risk | Bool | Is risk | true if IP asset has risk. |
| domains | List | domains | Mapped domain names. |
| country | String | Country code | e.g. US |
| asn | String | ASN | e.g. AMAZON-02 |
| app | String | App | e.g. cloudflare |
| ports | List | Ports | Open port list. |
| vuln_count | Integer | Vulnerability count | Number of vulnerabilities in the asset. |
| cve | List | CVE | List of CVE names. |
| screenshots | List | Screenshots | URL list |
| first_seen | Date | First seen | When the asset was first registered. |
| last_seen | Date | Last seen | When the asset was last updated. |
| description | String | Description | e.g. Automatically Registered From … |
| collection_method | String | Collection method | e.g. Manually, Automatically |