FullHunt

This Integration is part of the FullHunt Pack.

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

FullHunt is the attack surface database of the entire Internet. FullHunt enables companies to discover all of their attack surfaces, monitor them for exposure, and continuously scan them for the latest security vulnerabilities. All in a single platform, and more.

Configure FullHunt in Cortex

| Parameter | Required |
| --- | --- |
| Server URL | True |
| API Key | True |
| Trust any certificate (not secure) | False |
| Use system proxy settings | False |

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

fullhunt-get-account-status

Get information about the user account, such as company, email, credit, and usage.

Base Command

fullhunt-get-account-status

Input

None

Context Output

| Path | Type | Description |
| --- | --- | --- |
| FullHunt.UserInfo.user.company | string | Company name |
| FullHunt.UserInfo.user.email | string | Company email |
| FullHunt.UserInfo.user.first_name | string | First name |
| FullHunt.UserInfo.user.last_name | string | Last name |
| FullHunt.UserInfo.user.plan | string | FullHunt plan |
| FullHunt.UserInfo.user_credits.credits_usage | number | Credits usage at the time of the request |
| FullHunt.UserInfo.user_credits.max_results_per_request | number | Maximum results per request |
| FullHunt.UserInfo.user_credits.remaining_credits | number | Remaining credits on the account for the current month |
| FullHunt.UserInfo.user_credits.total_credits_per_month | number | Total credits available per month |

fullhunt-get-host

Get host details.

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.

Base Command

fullhunt-get-host

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| host | Host or list of hosts | Required |

Context Output

| Path | Type | Description |
| --- | --- | --- |
| FullHunt.Host.is_cloud | boolean | Whether the host is based on cloud technology or not |
| FullHunt.Host.network_ports | array | List of open ports |
| FullHunt.Host.is_live | boolean | Whether the host is live or not |
| FullHunt.Host.http_title | string | HTTP title |
| FullHunt.Host.http_status_code | number | HTTP status code |
| FullHunt.Host.domain | string | Domain |
| FullHunt.Host.ip_metadata.postal_code | number | Postal code related to the IP |
| FullHunt.Host.ip_metadata.location_longitude | number | Longitude coordinate of the IP |
| FullHunt.Host.ip_metadata.isp | string | Internet Service Provider of the IP |
| FullHunt.Host.ip_metadata.organization | string | Organization of the IP |
| FullHunt.Host.ip_metadata.country_name | string | Name of the country of the IP |
| FullHunt.Host.ip_metadata.region | string | Region of the IP |
| FullHunt.Host.ip_metadata.country_code | string | Two-letter country code |
| FullHunt.Host.ip_metadata.location_latitude | number | Latitude coordinate of the IP |
| FullHunt.Host.ip_metadata.asn | number | Autonomous System Number |
| FullHunt.Host.ip_metadata.city_name | string | City name of the IP |
| FullHunt.Host.has_private_ip | boolean | Whether the host has a private IP listed |
| FullHunt.Host.is_resolvable | boolean | Whether the host is resolvable |
| FullHunt.Host.dns.a | array | List of DNS A entries |
| FullHunt.Host.dns.aaaa | string | DNS AAAA entry |
| FullHunt.Host.dns.cname | array | List of DNS CNAME entries |
| FullHunt.Host.dns.mx | array | List of DNS MX entries |
| FullHunt.Host.dns.ns | array | List of DNS NS entries |
| FullHunt.Host.dns.ptr | string | DNS PTR entry |
| FullHunt.Host.dns.txt | string | DNS TXT entry |
| FullHunt.Host.has_ipv6 | boolean | Whether the host has an IPv6 listed |
| FullHunt.Host.tld | string | Top Level Domain |
| FullHunt.Host.cdn | string | Content Delivery Network |
| FullHunt.Host.is_cloudflare | boolean | Whether host uses Cloudflare or not |
| FullHunt.Host.cloud.provider | string | Name of the cloud provider |
| FullHunt.Host.cloud.region | string | Region of the cloud provider |
| FullHunt.Host.is_cdn | boolean | Whether host uses CDN |
| FullHunt.Host.tags | array | Tags of the host |
| FullHunt.Host.ip_address | string | IP address of the host |
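
One way to review `fullhunt-get-host` results for exposure, as an added example that is not part of the integration's own code: it flags live hosts using the `is_live`, `has_private_ip`, `network_ports`, `is_cdn` and `is_cloudflare` fields listed above. The sample records, the `EXPECTED_PORTS` allowlist and the assumption that `network_ports` holds port numbers are constructed for illustration.

```python
# Added example: triage FullHunt.Host entries using fields from the table above.
EXPECTED_PORTS = {80, 443}  # assumption: ports this organisation intends to expose

# Constructed sample records (documentation-range IPs), not real FullHunt output.
SAMPLE_HOSTS = [
    {"ip_address": "203.0.113.10", "is_live": True, "has_private_ip": False,
     "network_ports": [80, 443], "is_cdn": True, "is_cloudflare": True},
    {"ip_address": "198.51.100.7", "is_live": True, "has_private_ip": True,
     "network_ports": [22, 443, 8080], "is_cdn": False, "is_cloudflare": False},
    {"ip_address": "198.51.100.9", "is_live": False, "has_private_ip": False,
     "network_ports": [3389], "is_cdn": False, "is_cloudflare": False},
]


def triage_host(host, expected_ports=EXPECTED_PORTS):
    """Return review findings for one FullHunt.Host entry (empty list if none)."""
    if not host.get("is_live"):
        return []  # host was not live at scan time; nothing to review now
    findings = []
    if host.get("has_private_ip"):
        findings.append("private IP listed for host")
    # Assumption: network_ports is a list of port numbers (ints or numeric strings).
    ports = {int(p) for p in host.get("network_ports") or []}
    unexpected = sorted(ports - set(expected_ports))
    if unexpected:
        findings.append(f"unexpected open ports: {unexpected}")
    if ports and not (host.get("is_cdn") or host.get("is_cloudflare")):
        findings.append("no CDN in front of a live host")
    return findings


def triage(hosts):
    """Map ip_address -> findings, keeping only hosts that need review."""
    report = {}
    for host in hosts:
        findings = triage_host(host)
        if findings:
            report[host.get("ip_address", "unknown")] = findings
    return report


if __name__ == "__main__":
    for ip, findings in triage(SAMPLE_HOSTS).items():
        print(ip, "->", "; ".join(findings))
```
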

domain

Get details about one specified domain.

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.

Base Command

fullhunt-domain

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| domain | One domain to check | Required |

Context Output

| Path | Type | Description |
| --- | --- | --- |
| FullHunt.Domain.domain | string | Domain |
| FullHunt.Domain.hosts | array | List of hosts with same details as running the command "fullhunt-get-host" |
| FullHunt.Domain.message | string | Message |
| FullHunt.Domain.metadata.all_results_count | number | Number of results for this API request |
| FullHunt.Domain.metadata.available_results_for_user | number | Number of results available for the user performing the API request |
| FullHunt.Domain.metadata.domain | string | Domain |
| FullHunt.Domain.metadata.last_scanned | number | Epoch timestamp of the domain last scan |
| FullHunt.Domain.metadata.max_results_for_user | number | Maximum results for the user |
| FullHunt.Domain.metadata.timestamp | number | Epoch timestamp of the API request |
| FullHunt.Domain.metadata.user_plan | string | FullHunt plan |
| FullHunt.Domain.status | number | HTTP status code |

fullhunt-get-subdomain

Get all subdomains from a given domain.

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.

Base Command

fullhunt-get-subdomain

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| domain | Enter the domain from which you want to enumerate subdomains. | Required |

Context Output

| Path | Type | Description |
| --- | --- | --- |
| FullHunt.Subdomain.domain | string | Domain |
| FullHunt.Subdomain.hosts | array | List of subdomains |
| FullHunt.Subdomain.message | string | Message |
| FullHunt.Subdomain.metadata.all_results_count | number | Number of results for this API request |
| FullHunt.Subdomain.metadata.available_results_for_user | number | Number of results available for the user performing the API request |
| FullHunt.Subdomain.metadata.domain | string | Domain |
| FullHunt.Subdomain.metadata.last_scanned | number | Epoch timestamp of the domain last scan |
| FullHunt.Subdomain.metadata.max_results_for_user | number | Maximum results for the user |
| FullHunt.Subdomain.metadata.timestamp | number | Epoch timestamp of the API request |
| FullHunt.Subdomain.metadata.user_plan | string | FullHunt plan |
| FullHunt.Subdomain.status | number | HTTP status code |