Target "Export" Column Descriptions

affiliation_state: User set flag that permits filtering of entities deemed not related to you. All default UI views filter for affiliation_state = not specified.

applicability: Integer representing Target Temptation Applicability attribute. See: Temptation

attack_note: Target specific notes from the HOC Attack Operations team describing any observed weaknesses or characteristics of the target in question that would be of interest to an adversary.

authority: Whether or not this entity is related to you.

authority_distance: Distance to known related entity. Reconnassiance work is chosen based on how close an entity is to the authority boundary.

authority_override: The manual override that allows a human to decide on authority instead of the algorithm.

authorization_state: For Attack customers, wheter or not this target has been put in scope or "authorized" for attack activities.

banners_uuid: Subsequent API calls can use UUID to return detection's HTTP banner contents.

cert_uuid: Subsequent API calls can use UUID to return detection's certificate contents.

characteristic_tags: Set of Characteristics that have been applied to this target. See: Characteristics

characteristics_count: How many Characteristics in characteristics_tags -confidence: Integer representation of confidence that entity is related to you. Maps to UI display of Low less than 26, Medium=26-60, High=61-100.

cpe: NVD CPE String for this targets service.

criticality: Integer representing Target Temptation Criticality attribute. See: Temptation

description: Service description.

detection_relevance: Internal Use

enumerability: Integer representing Target Temptation Enumberability attribute. See: Temptation

exploitability: Integer representing Target Temptation Exploitability attribute. See: Temptation

first_seen: Timestamp of when target was first discovered.

headers_uuid: Subsequent API calls can use UUID to return detection's HTTP hearder contents.

hostname: Hostname of target.

hostname_id: UUID of hostname that can be used in subsequent API calls to return hostname details.

id: Target's UUID.

impact_score: Randori allows users the ability to assign Impact to their assets to facilitate in maintaining a proper asset inventory. This is the current set impact score. (None, Low, Medium, High). See: Impact

ip: IP Address of target.

ip_id: UUID of IP that can be used in subsequent API calls to return IP details.

last_seen: Timestamp of when target was last seen.

lens_id: Metadata about where the platform discovered the asset from. For external assets (aka Public) this will be a UUID of all 0's. For internal assets, this will be a UUID computed based on various implant metadata.

lens_view: Public for assets that can be discovered on the open internet and internal for assets that can only be discovered with internal access.

name: Service Name

org_id: UUID of this Organization that can be used in subsequent API calls to return additional org details.

path: Patch part of URL to this enity. For example /index.html/ or /login/

perspective_name: See lens_view

poc_email: Internal Use

poc_id: Internal Use

port: Port number of the service.

post_exploit: Integer representing Target Temptation Post Exploit Potential attribute. See: Temptation

priority_impact_factor: Internal Use (how the set Impact on a Target modifies the overall priority_score)

priority_score: Overall risk classification is set as a Priority score. This is number mapped to UI as:

• High Priority: > 29.98

• Medium Priority: > 20 and <= 29.98

• Low Priority: <= 20

priority_status_factor: Internal Use (how the set Status on a Target modifies the overall priority_score)

priority_tags_factor: Internal Use (how the Characteristics on a Target modify the overall priority_score)

private_weakness: The measure of available exploits in non-public circles, as well as factors such as cost of exploits for those weaknesses.

protocol: Service's detected transport protocol such as tcp

public_weakness: The measure of public disclosures around this Service as well as the implications of known weaknesses within the Service.

Randori_notes: Randori HOC notes about this service.

reference: Full URL string.

researc: Integer representing Target Temptation Research Potential attribute. See: Temptation

screenshot_uuid: UUID of Screenshot object that can be used in subsequent API calls to return the screenshot.

service_id: UUID of Service that can be used in subsequent API calls to return service details.

status: Status is used to indicate the current state of work surrounding a given target. See: Status

target_confidence: Confidence is computed based on Authority and Authority Distance and indicates how strongly the Randori platform believes a particular asset "belongs" to the client.

target_first_seen: Date target was created.

target_num_detections: Number of detections for target. A Detection describes how an attacker could navigate to a specific Target. See: Targets

target_temptation: Temptation provides a realistic adversarial assessment of the likelihood Target will be attacked.

• Critical: 40-100

• High: 30-39

• Medium: 15-29

• Low: 0-14

• In Review: null

tech_category: Technology category of service. See: Temptation

temptation_last_modified: The date that the service temptation was last modified (targets are concrete instances of service abstractions).

thumbnail_uuid: UUID of screenshot thumbnail that can be used in subsequent API calls to return the thumbnail image.

user_tags: Set of user defined tags applied to this target.

validated_vulnerabilities: A list of CVEs or Default Credential Testing activities that have been successful for this Target.

validated_vulnerabilities_count: A count of the CVEs or Default Credential Testing activities that have been successful for this Target.

vendor: Service vendor such as Microsoft or Cisco

version: If it exists, the enumerated version number of the discovered service.