Fortinet Document Library

Version:


Table of Contents

1.0.0
Copy Link

About the connector

Hacker Target provides online IP tools that can be used to quickly get information about IP Addresses, Web Pages, and DNS records.

This document provides information about the Hacker Target connector, which facilitates automated interactions, with a Hacker Target server using FortiSOAR™ playbooks. Add the Hacker Target connector as a step in FortiSOAR™ playbooks and perform automated operations, such as DNS lookup on a specified DNS, test ping a specified IP address, and retrieving http header information for a specified page link.

 

Version information

Connector Version: 1.0.0

Compatibility with FortiSOAR™ Versions: 4.10.3-161 and later

Compatibility with Hacker Target Version: 1.0 and later

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

  • You must have the URL of the Hacker Target server to which you will connect and perform the automated operations and the API key configured for your account to access that Hacker Target server.
  • To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the Hacker Target connector and click Configure to configure the following parameters:

 

Parameter Description
Server URL URL of the Hacker Target server to which you will connect and perform the automated operations.
API Key API key that is configured for your account for the Hacker Target server to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Test Ping Performs a test ping on the IP address or the hostname that you have specified. test_ping
Investigation
DNS Lookup Performs a DNS lookup for the DNS that you have specified. dns_lookup
Investigation
Reverse DNS Lookup Performs a reverse DNS lookup for the DNS that you have specified. reverse_dns_lookup
Investigation
Get All Links from Page Retrieves a list of all links from the page you have specified. get_link
Investigation
WhoIs Lookup Performs a WhoIs lookup for the IP address or the hostname that you have specified. whois_lookup
Investigation
GeoIP Lookup Performs a GeopIP lookup for the IP address that you have specified. geoip_lookup
Investigation
Reverse IP Lookup Performs a reverse IP lookup for the IP address that you have specified. reverse_ip_lookup
Investigation
Get HTTP Header Retrieves HTTP header information from the page you have specified. get_http_header
Investigation
MTR Traceroute Performs an MTR traceroute for the IP address or the hostname that you have specified. mtr_traceroute
Investigation

 

operation: Test Ping

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform a test ping.

 

Output

The JSON output contains all the test ping result

Following image displays a sample output:

 

Sample output of the Test Ping operation

 

operation: DNS Lookup

Input parameters

 

Parameter Description
Domain Name Server Name of the Domain Name Server (DNS) on which you want to perform a DNS lookup.

 

Output

The JSON output contains a list consisting of all DNS lookup data for the DNS you have specified.

Following image displays a sample output:

 

Sample output of the DNS Lookup operation

 

operation: Reverse DNS Lookup

Input parameters

 

Parameter Description
Domain Name Server Name of the Domain Name Server (DNS) on which you want to perform a reverse DNS lookup.

 

Output

The JSON output contains a list consisting of all reverse DNS lookup data for the DNS you have specified.

Following image displays a sample output:

 

Sample output of the Reverse DNS Lookup operation

 

operation: Get All Links from Page

Input parameters

 

Parameter Description
Page Link Address of the page from which you want to retrieve links.

 

Output

The JSON output contains a list consisting of all links for the page you have specified.

Following image displays a sample output:

 

Sample output of the Get All Links from Page operation

 

operation: WhoIs Lookup

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform a WhoIs lookup.

 

Output

The JSON output contains a list consisting of all WhoIs lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the WhoIs Lookup operation

 

operation: GeoIP Lookup

Input parameters

 

Parameter Description
IP Address IP address on which you want to perform a GeoIP lookup.

 

Output

The JSON output contains a list consisting of all GeoIP lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the GeoIP Lookup operation

 

operation: Reverse IP Lookup

Input parameters

 

Parameter Description
IP Address IP address on which you want to perform a reverse IP lookup.

 

Output

The JSON output contains a list consisting of all reverse IP lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the Reverse IP Lookup operation

 

operation: Get HTTP Header

Input parameters

 

Parameter Description
Page Link Address of the page from which you want to retrieve HTTP header information.

 

Output

The JSON output contains the HTTP header information for the page you have specified.

Following image displays a sample output:

 

Sample output of the Get HTTP Header operation

 

operation: MTR Traceroute

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform an MTR traceroute.

 

Output

The JSON output contains the MTR Traceroute data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the MTR Traceroute operation

 

Included playbooks

The Sample - Hacker-Target - 1.0.0 playbook collection comes bundled with the Hacker Target connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Hacker Target connector.

  • DNS Lookup
  • GeoIP Lookup
  • Get All Links from Page
  • Get HTTP Header
  • MTT Traceroute
  • Reverse DNS Lookup
  • Reverse IP Lookup
  • Test Ping
  • WhoIS Lookup

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

Hacker Target provides online IP tools that can be used to quickly get information about IP Addresses, Web Pages, and DNS records.

This document provides information about the Hacker Target connector, which facilitates automated interactions, with a Hacker Target server using FortiSOAR™ playbooks. Add the Hacker Target connector as a step in FortiSOAR™ playbooks and perform automated operations, such as DNS lookup on a specified DNS, test ping a specified IP address, and retrieving http header information for a specified page link.

 

Version information

Connector Version: 1.0.0

Compatibility with FortiSOAR™ Versions: 4.10.3-161 and later

Compatibility with Hacker Target Version: 1.0 and later

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the Hacker Target connector and click Configure to configure the following parameters:

 

Parameter Description
Server URL URL of the Hacker Target server to which you will connect and perform the automated operations.
API Key API key that is configured for your account for the Hacker Target server to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Test Ping Performs a test ping on the IP address or the hostname that you have specified. test_ping
Investigation
DNS Lookup Performs a DNS lookup for the DNS that you have specified. dns_lookup
Investigation
Reverse DNS Lookup Performs a reverse DNS lookup for the DNS that you have specified. reverse_dns_lookup
Investigation
Get All Links from Page Retrieves a list of all links from the page you have specified. get_link
Investigation
WhoIs Lookup Performs a WhoIs lookup for the IP address or the hostname that you have specified. whois_lookup
Investigation
GeoIP Lookup Performs a GeopIP lookup for the IP address that you have specified. geoip_lookup
Investigation
Reverse IP Lookup Performs a reverse IP lookup for the IP address that you have specified. reverse_ip_lookup
Investigation
Get HTTP Header Retrieves HTTP header information from the page you have specified. get_http_header
Investigation
MTR Traceroute Performs an MTR traceroute for the IP address or the hostname that you have specified. mtr_traceroute
Investigation

 

operation: Test Ping

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform a test ping.

 

Output

The JSON output contains all the test ping result

Following image displays a sample output:

 

Sample output of the Test Ping operation

 

operation: DNS Lookup

Input parameters

 

Parameter Description
Domain Name Server Name of the Domain Name Server (DNS) on which you want to perform a DNS lookup.

 

Output

The JSON output contains a list consisting of all DNS lookup data for the DNS you have specified.

Following image displays a sample output:

 

Sample output of the DNS Lookup operation

 

operation: Reverse DNS Lookup

Input parameters

 

Parameter Description
Domain Name Server Name of the Domain Name Server (DNS) on which you want to perform a reverse DNS lookup.

 

Output

The JSON output contains a list consisting of all reverse DNS lookup data for the DNS you have specified.

Following image displays a sample output:

 

Sample output of the Reverse DNS Lookup operation

 

operation: Get All Links from Page

Input parameters

 

Parameter Description
Page Link Address of the page from which you want to retrieve links.

 

Output

The JSON output contains a list consisting of all links for the page you have specified.

Following image displays a sample output:

 

Sample output of the Get All Links from Page operation

 

operation: WhoIs Lookup

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform a WhoIs lookup.

 

Output

The JSON output contains a list consisting of all WhoIs lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the WhoIs Lookup operation

 

operation: GeoIP Lookup

Input parameters

 

Parameter Description
IP Address IP address on which you want to perform a GeoIP lookup.

 

Output

The JSON output contains a list consisting of all GeoIP lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the GeoIP Lookup operation

 

operation: Reverse IP Lookup

Input parameters

 

Parameter Description
IP Address IP address on which you want to perform a reverse IP lookup.

 

Output

The JSON output contains a list consisting of all reverse IP lookup data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the Reverse IP Lookup operation

 

operation: Get HTTP Header

Input parameters

 

Parameter Description
Page Link Address of the page from which you want to retrieve HTTP header information.

 

Output

The JSON output contains the HTTP header information for the page you have specified.

Following image displays a sample output:

 

Sample output of the Get HTTP Header operation

 

operation: MTR Traceroute

Input parameters

 

Parameter Description
IP Address/Hostname IP address or hostname on which you want to perform an MTR traceroute.

 

Output

The JSON output contains the MTR Traceroute data for the IP address you have specified.

Following image displays a sample output:

 

Sample output of the MTR Traceroute operation

 

Included playbooks

The Sample - Hacker-Target - 1.0.0 playbook collection comes bundled with the Hacker Target connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Hacker Target connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.