criminal-ip-asm-risk-assets

Get risk assets from Criminal IP ASM service.

criminal-ip-asm-risk-assets [profile=PROFILE] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]

profile=PROFILE: Connect profile code of Criminal IP ASM
duration=NUM{mon|w|d|h|m|s}: Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, 10s means data from 10 seconds earlier.
from=yyyyMMddHHmmss: Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
to=yyyyMMddHHmmss: End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.

Output Fields

Field	Type	Name	Description
profile	String	Connect profile	Connect profile code of Criminal IP ASM.
risk	String	Risk	e.g. LOW, MEDIUM, HIGH
asset	String	Asset	Domain or IP address
group	String	Group name	e.g. AWS, Azure
category	String	Category	e.g. Internal, 80_port, API_Key, domain_vuln, config_exposure
app	String	App	e.g. Apache Tomcat
description	String	Description	e.g. Port 80 open but Port 443 closed on IP x.x.x.x
comment	String	Comment
md5	String	MD5	MD5 value for the description.