Vulnerabilities API
The Vulnerabilities API retrieves discovered vulnerabilities across your organization's assets, providing detailed information about security issues, their impact, and remediation recommendations.
Info: This API endpoint is available for enterprise accounts only.
Get Vulnerabilities
Retrieve discovered vulnerabilities for your organization.
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/vulnerabilities
Query Parameters
Parameter | Required | Type | Description |
---|---|---|---|
org | No | string | Filter vulnerabilities by organization ID |
Example Request
curl "https://fullhunt.io/api/v1/enterprise/vulnerabilities" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
Example Response
[
{
"affected_location": "https://api.acme.com:8443/v1/payment-gateway/${jndi:ldap://127.0.0.1:1389/Exploit}",
"automated_vulnerability_validation_status": true,
"custom_severity": "critical",
"description": "A critical remote code execution vulnerability (CVE-2021-44228) has been detected in the Log4j logging library on the target host. The affected endpoint processes JNDI lookup strings in logged data, allowing attackers to trigger remote class loading and achieve code execution. Testing confirmed that user-controlled input is being logged by the application, making this a direct attack vector. The vulnerable version of Log4j (2.14.1) was identified through manifest analysis and active testing.",
"domain": "acme.com",
"host": "api.acme.com",
"host_type": "dns",
"identification_date": 1707152400,
"impact": "The vulnerability allows attackers to execute arbitrary code on the target system with the privileges of the Java application. Given this is a production payment processing API, successful exploitation could lead to unauthorized access to financial data, lateral movement within the network, and potential customer data exposure. The automated validation confirms the system is actively vulnerable to JNDI lookup attacks.",
"issue_id": 12458,
"last_seen": 1707238800,
"recommendation": "1. Immediately upgrade Log4j to version 2.17.1 or later\n2. Set log4j2.formatMsgNoLookups=true as a JVM parameter\n3. Implement WAF rules to block JNDI lookup patterns\n4. Review application logs for exploitation attempts\n5. Apply strict input validation on all API endpoints\n6. Deploy network rules to block outbound LDAP/RMI traffic from the application server",
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
"https://logging.apache.org/log4j/2.x/security.html",
"https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-356a",
"https://github.com/apache/logging-log4j2/releases/tag/log4j-2.17.1",
"https://www.lunasec.io/docs/blog/log4j-zero-day/",
"https://www.microsoft.com/en-us/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/"
],
"severity": "critical",
"status": 0,
"title": "Log4j Remote Code Execution Vulnerability (Log4Shell) at api.acme.com",
"vulnerability_id": "CVE-2021-44228",
"vulnerability_type": "Application"
}
]
Response Fields
Field | Type | Description |
---|---|---|
affected_location | string | Specific URL or location where vulnerability was found |
automated_vulnerability_validation_status | boolean | Whether the vulnerability was automatically validated |
custom_severity | string | FullHunt's assessed severity level |
description | string | Detailed technical description of the vulnerability |
domain | string | The affected domain |
host | string | The specific host affected |
host_type | string | Type of host (e.g., "dns") |
identification_date | integer | Unix timestamp when vulnerability was first identified |
impact | string | Detailed impact assessment |
issue_id | integer | Unique vulnerability issue identifier |
last_seen | integer | Unix timestamp when vulnerability was last confirmed |
recommendation | string | Detailed remediation recommendations |
references | array | External references and resources |
severity | string | Standard vulnerability severity level |
status | integer | Vulnerability status (0 = active, 1 = resolved) |
title | string | Vulnerability title/summary |
vulnerability_id | string | CVE ID or other vulnerability identifier |
vulnerability_type | string | Type of vulnerability (e.g., "Application", "Infrastructure") |
Integration Example
import requests
from datetime import datetime


def get_critical_vulnerabilities(api_key):
    """Get all critical vulnerabilities for the organization."""
    url = "https://fullhunt.io/api/v1/enterprise/vulnerabilities"
    headers = {"X-API-KEY": api_key}
    # A timeout keeps a stalled connection from hanging the job
    response = requests.get(url, headers=headers, timeout=30)
    if response.status_code == 200:
        vulnerabilities = response.json()
        # Filter for critical vulnerabilities
        critical_vulns = [v for v in vulnerabilities if v.get('severity') == 'critical']
        print(f"Found {len(critical_vulns)} critical vulnerabilities:")
        for vuln in critical_vulns:
            print(f"\n{vuln['title']}")
            print(f"   Host: {vuln['host']}")
            print(f"   CVE: {vuln.get('vulnerability_id', 'N/A')}")
            print(f"   Identified: {datetime.fromtimestamp(vuln['identification_date'])}")
            print(f"   Status: {'Active' if vuln['status'] == 0 else 'Resolved'}")
            if vuln.get('automated_vulnerability_validation_status'):
                print("   Automatically validated")
            print(f"   Impact: {vuln['impact'][:100]}...")
        return critical_vulns
    else:
        print(f"Error: {response.status_code}")
        return None


def generate_vulnerability_report(api_key):
    """Generate a summary vulnerability report."""
    url = "https://fullhunt.io/api/v1/enterprise/vulnerabilities"
    headers = {"X-API-KEY": api_key}
    response = requests.get(url, headers=headers, timeout=30)
    if response.status_code == 200:
        vulnerabilities = response.json()
        # Count by severity and by vulnerability type
        severity_counts = {}
        type_counts = {}
        for vuln in vulnerabilities:
            severity = vuln.get('severity', 'unknown')
            vuln_type = vuln.get('vulnerability_type', 'unknown')
            severity_counts[severity] = severity_counts.get(severity, 0) + 1
            type_counts[vuln_type] = type_counts.get(vuln_type, 0) + 1
        print("Vulnerability Summary Report")
        print("=" * 40)
        print("\nBy Severity:")
        for severity, count in sorted(severity_counts.items()):
            print(f"  {severity.capitalize()}: {count}")
        print("\nBy Type:")
        for vuln_type, count in sorted(type_counts.items()):
            print(f"  {vuln_type}: {count}")
        print(f"\nTotal Vulnerabilities: {len(vulnerabilities)}")
        return vulnerabilities
    else:
        print(f"Error: {response.status_code}")
        return None


# Usage
api_key = "your-api-key-here"
critical_vulns = get_critical_vulnerabilities(api_key)
full_report = generate_vulnerability_report(api_key)
Automated Vulnerability Validation
FullHunt automatically validates vulnerabilities when possible:
Validation Methods
- Active Testing: Safe exploitation attempts to confirm vulnerability
- Version Detection: Identifying vulnerable software versions
- Configuration Analysis: Checking for insecure configurations
- Response Analysis: Analyzing server responses for vulnerability indicators
Validation Status
- true: Vulnerability has been automatically validated
- false: Vulnerability detected but not automatically validated
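The following is an added example, not FullHunt's own code: it builds a remediation queue from the response fields documented above, keeping only active findings and ordering them by severity, then validated before unvalidated, then oldest first. The severity labels other than "critical", the 7-day staleness window, and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

# Assumed severity labels; the page's sample response only shows "critical".
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def triage(vulnerabilities, now=None, stale_after_days=7):
    """Return active findings ordered: severity, validated first, oldest first."""
    now = now or datetime.now(timezone.utc)
    queue = []
    for v in vulnerabilities:
        if v.get("status") != 0:  # 0 = active, 1 = resolved
            continue
        first = datetime.fromtimestamp(v["identification_date"], tz=timezone.utc)
        last = datetime.fromtimestamp(v["last_seen"], tz=timezone.utc)
        queue.append({
            "issue_id": v["issue_id"],
            "host": v["host"],
            "severity": v.get("severity", "unknown"),
            "validated": v.get("automated_vulnerability_validation_status") is True,
            "open_days": (now - first).days,
            # Not re-confirmed within the window: re-scan before acting on it.
            "stale": (now - last).days > stale_after_days,
        })
    queue.sort(key=lambda f: (SEVERITY_RANK.get(f["severity"], len(SEVERITY_RANK)),
                              not f["validated"], -f["open_days"]))
    return queue

# Constructed sample records (not real API output), limited to the fields used.
NOW = datetime(2024, 2, 20, tzinfo=timezone.utc)
SAMPLE = [
    {"issue_id": 3, "host": "vpn.acme.com", "severity": "high", "status": 0,
     "automated_vulnerability_validation_status": True,
     "identification_date": 1707152400, "last_seen": 1708300800},
    {"issue_id": 2, "host": "app.acme.com", "severity": "critical", "status": 0,
     "automated_vulnerability_validation_status": False,
     "identification_date": 1706288400, "last_seen": 1708300800},
    {"issue_id": 1, "host": "api.acme.com", "severity": "critical", "status": 0,
     "automated_vulnerability_validation_status": True,
     "identification_date": 1707152400, "last_seen": 1707238800},
    {"issue_id": 4, "host": "old.acme.com", "severity": "critical", "status": 1,
     "automated_vulnerability_validation_status": True,
     "identification_date": 1706288400, "last_seen": 1707238800},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE, now=NOW):
        print(finding)
```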
Integration with Security Tools
# Example: Send critical vulnerabilities to SIEM
def send_to_siem(vulnerabilities):
    for vuln in vulnerabilities:
        if vuln['severity'] == 'critical':
            siem_event = {
                'timestamp': vuln['identification_date'],
                'source': 'FullHunt',
                'severity': 'high',
                'title': vuln['title'],
                'host': vuln['host'],
                'cve_id': vuln.get('vulnerability_id'),
                'description': vuln['description']
            }
            # Send to your SIEM system
            # (send_to_siem_api is a placeholder for your SIEM client's ingest call)
            send_to_siem_api(siem_event)
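Polling the endpoint on a schedule and forwarding every record re-sends the same findings each run. The added example below (not FullHunt's code) compares two consecutive responses keyed on issue_id and emits events only for findings that opened, resolved, or disappeared; the event field names, the "action" values and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

def diff_polls(previous, current):
    """Compare two API responses keyed on issue_id.

    Returns (opened, resolved, missing). An active finding absent from the
    newer response is reported as missing, not assumed fixed.
    """
    prev = {v["issue_id"]: v for v in previous}
    curr = {v["issue_id"]: v for v in current}
    opened, resolved = [], []
    for issue_id, v in curr.items():
        was_active = prev.get(issue_id, {}).get("status") == 0
        if v.get("status") == 0 and not was_active:
            opened.append(v)      # new, or reopened after being resolved
        elif v.get("status") == 1 and was_active:
            resolved.append(v)
    missing = [v for i, v in prev.items()
               if i not in curr and v.get("status") == 0]
    return opened, resolved, missing

def to_siem_event(vuln, action):
    """Flatten one finding into an event dict (field names are assumptions)."""
    seen = datetime.fromtimestamp(vuln["last_seen"], tz=timezone.utc)
    return {
        "timestamp": seen.isoformat(),
        "source": "FullHunt",
        "action": action,  # "opened", "resolved" or "missing"
        "issue_id": vuln["issue_id"],
        "host": vuln["host"],
        "severity": vuln.get("severity"),
        "cve_id": vuln.get("vulnerability_id"),
        "validated": bool(vuln.get("automated_vulnerability_validation_status")),
    }

def events_for(previous, current):
    """Build the list of events to forward for one polling interval."""
    groups = zip(("opened", "resolved", "missing"), diff_polls(previous, current))
    return [to_siem_event(v, action) for action, vulns in groups for v in vulns]

def finding(issue_id, status):
    """Constructed sample record (not real API output)."""
    return {"issue_id": issue_id, "status": status, "host": "api.acme.com",
            "severity": "critical", "last_seen": 1707238800}

PREVIOUS = [finding(10, 0), finding(11, 0), finding(12, 0)]
CURRENT = [finding(10, 0), finding(11, 1), finding(13, 0)]
```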