About the connector
Hacker Target provides online IP tools that can be used to quickly get information about IP Addresses, Web Pages, and DNS records.
This document provides information about the Hacker Target connector, which facilitates automated interactions, with a Hacker Target server using FortiSOAR™ playbooks. Add the Hacker Target connector as a step in FortiSOAR™ playbooks and perform automated operations, such as DNS lookup on a specified DNS, test ping a specified IP address, and retrieving http header information for a specified page link.
Version information
Connector Version: 1.0.0
Compatibility with FortiSOAR™ Versions: 4.10.3-161 and later
Compatibility with Hacker Target Version: 1.0 and later
Installing the connector
For the procedure to install a connector, click here.
Prerequisites to configuring the connector
- You must have the URL of the Hacker Target server to which you will connect and perform the automated operations and the API key configured for your account to access that Hacker Target server.
- To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.
Configuring the connector
For the procedure to configure a connector, click here.
Configuration parameters
In FortiSOAR™, on the Connectors page, select the Hacker Target connector and click Configure to configure the following parameters:
| Parameter |
Description |
| Server URL |
URL of the Hacker Target server to which you will connect and perform the automated operations. |
| API Key |
API key that is configured for your account for the Hacker Target server to which you will connect and perform the automated operations. |
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True. |
Actions supported by the connector
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
| Function |
Description |
Annotation and Category |
| Test Ping |
Performs a test ping on the IP address or the hostname that you have specified. |
test_ping
Investigation |
| DNS Lookup |
Performs a DNS lookup for the DNS that you have specified. |
dns_lookup
Investigation |
| Reverse DNS Lookup |
Performs a reverse DNS lookup for the DNS that you have specified. |
reverse_dns_lookup
Investigation |
| Get All Links from Page |
Retrieves a list of all links from the page you have specified. |
get_link
Investigation |
| WhoIs Lookup |
Performs a WhoIs lookup for the IP address or the hostname that you have specified. |
whois_lookup
Investigation |
| GeoIP Lookup |
Performs a GeopIP lookup for the IP address that you have specified. |
geoip_lookup
Investigation |
| Reverse IP Lookup |
Performs a reverse IP lookup for the IP address that you have specified. |
reverse_ip_lookup
Investigation |
| Get HTTP Header |
Retrieves HTTP header information from the page you have specified. |
get_http_header
Investigation |
| MTR Traceroute |
Performs an MTR traceroute for the IP address or the hostname that you have specified. |
mtr_traceroute
Investigation |
operation: Test Ping
Input parameters
| Parameter |
Description |
| IP Address/Hostname |
IP address or hostname on which you want to perform a test ping. |
Output
The JSON output contains all the test ping result
Following image displays a sample output:
operation: DNS Lookup
Input parameters
| Parameter |
Description |
| Domain Name Server |
Name of the Domain Name Server (DNS) on which you want to perform a DNS lookup. |
Output
The JSON output contains a list consisting of all DNS lookup data for the DNS you have specified.
Following image displays a sample output:
operation: Reverse DNS Lookup
Input parameters
| Parameter |
Description |
| Domain Name Server |
Name of the Domain Name Server (DNS) on which you want to perform a reverse DNS lookup. |
Output
The JSON output contains a list consisting of all reverse DNS lookup data for the DNS you have specified.
Following image displays a sample output:
operation: Get All Links from Page
Input parameters
| Parameter |
Description |
| Page Link |
Address of the page from which you want to retrieve links. |
Output
The JSON output contains a list consisting of all links for the page you have specified.
Following image displays a sample output:
operation: WhoIs Lookup
Input parameters
| Parameter |
Description |
| IP Address/Hostname |
IP address or hostname on which you want to perform a WhoIs lookup. |
Output
The JSON output contains a list consisting of all WhoIs lookup data for the IP address you have specified.
Following image displays a sample output:
operation: GeoIP Lookup
Input parameters
| Parameter |
Description |
| IP Address |
IP address on which you want to perform a GeoIP lookup. |
Output
The JSON output contains a list consisting of all GeoIP lookup data for the IP address you have specified.
Following image displays a sample output:
operation: Reverse IP Lookup
Input parameters
| Parameter |
Description |
| IP Address |
IP address on which you want to perform a reverse IP lookup. |
Output
The JSON output contains a list consisting of all reverse IP lookup data for the IP address you have specified.
Following image displays a sample output:
operation: Get HTTP Header
Input parameters
| Parameter |
Description |
| Page Link |
Address of the page from which you want to retrieve HTTP header information. |
Output
The JSON output contains the HTTP header information for the page you have specified.
Following image displays a sample output:
operation: MTR Traceroute
Input parameters
| Parameter |
Description |
| IP Address/Hostname |
IP address or hostname on which you want to perform an MTR traceroute. |
Output
The JSON output contains the MTR Traceroute data for the IP address you have specified.
Following image displays a sample output:
Included playbooks
The Sample - Hacker-Target - 1.0.0 playbook collection comes bundled with the Hacker Target connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Hacker Target connector.
- DNS Lookup
- GeoIP Lookup
- Get All Links from Page
- Get HTTP Header
- MTT Traceroute
- Reverse DNS Lookup
- Reverse IP Lookup
- Test Ping
- WhoIS Lookup
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
