Summary

ProjectDiscovery supports various third-party integrations to enhance your security workflow. These integrations enable:

  • Cloud asset discovery and management

  • Real-time alerting through communication platforms

  • Automated vulnerability tracking through ticketing systems

  • Custom webhook integrations for workflow automation

Configure your integrations through the Configurations interface.

Notification Integrations

Alerting integrations support notifications as part of scanning and include Slack, Microsoft Teams, Email, and custom Webhooks. Navigate to Scans → Configurations → Alerting to configure your alerts.

Slack

ProjectDiscovery supports scan notifications through Slack. To enable Slack notifications provide a name for your Configuration, a webhook, and an optional username.

Choose from the list of Events (Scan Started, Scan Finished, Scan Failed) to specify what notifications are generated. All Events are selected by default

MS Teams

ProjectDiscovery supports notifications through Microsoft Teams. To enable notifications, provide a name for your Configuration and a corresponding webhook.

Choose from the list of Events (Scan Started, Scan Finished, Scan Failed) to specify what notifications are generated.

Email

ProjectDiscovery supports notifications via Email. To enable email notifications for completed scans simply add your recipient email addresses.

Webhook

ProjectDiscovery supports custom webhook notifications, allowing you to post events to any HTTP endpoint that matches your infrastructure requirements.

To implement webhook notifications, provide:

  • Configuration name

  • Webhook URL

  • Authentication parameters (if required)

Example endpoint format:

https://your-domain.com/api/security/alerts

Ticketing Integrations

The integrations under Ticketing support ticketing functionality as part of scanning and include support for Jira, GitHub, GitLab, and Linear. Navigate to Scans → Configurations → Ticketing to configure your ticketing tools.

Jira

ProjectDiscovery provides integration support for Jira to create new tickets when vulnerabilities are found.

Provide a name for the configuration, the Jira instance URL , the Account ID, the Email, and the associated API token.

Details on creating an API token are available in the Jira documentation here.

GitHub

ProjectDiscovery provides integration support for GitHub to create new tickets when vulnerabilities are found.

Provide a name for the configuration, the Organization or username, Project name, Issue Assignee, Token, and Issue Label. The Issue Label determines when a ticket is created. (For example, if critical severity is selected, any issues with a critical severity will create a ticket.)

  • The severity as label option adds a template result severity to any GitHub issues created.

  • Deduplicate posts any new results as comments on existing issues instead of creating new issues for the same result.

Details on setting up access in GitHub are available here.

GitLab

ProjectDiscovery provides integration support for GitLab to create new tickets when vulnerabilities are found.

Provide your GitLab username, Project name, Project Access Token and a GitLab Issue label. The Issue Label determines when a ticket is created. (For example, if critical severity is selected, any issues with a critical severity will create a ticket.)

  • The severity as label option adds a template result severity to any GitLab issues created.

  • Deduplicate posts any new results as comments on existing issues instead of creating new issues for the same result.

Refer to GitLab’s documentation for details on configuring a Project Access token.

Linear

ProjectDiscovery integrates with Linear for automated issue tracking. The integration requires the following API parameters:

  1. Linear API Key

  2. Linear Team ID

  3. Linear Open State ID

To retrieve these parameters:

  1. API Key Generation:

    • Path: Linear > Settings > API > Personal API keys

    • Direct URL: linear.app/[workspace]/settings/api

  2. Team ID Retrieval:

query {
  teams {
    nodes {
      id
      name
    }
  }
}
  1. Open State ID Retrieval:
query {
  workflowStates {
    nodes {
      id
      name
    }
  }
}

For detailed API documentation, refer to the Linear API Documentation.

Cloud Asset Discovery

ProjectDiscovery leverages our open-source Cloudlist technology to provide comprehensive cloud asset discovery and management through a simple web interface.

Major Cloud Services

AWS (Amazon Web Services)

Supported AWS Services:

Example Config: Amazon Web Services can be integrated by using the following configuration block.

- provider: aws # provider is the name of the provider
  # id is the name defined by user for filtering (optional)
  id: staging
  # aws_access_key is the access key for AWS account
  aws_access_key: $AWS_ACCESS_KEY
  # aws_secret_key is the secret key for AWS account
  aws_secret_key: $AWS_SECRET_KEY
  # aws_session_token session token for temporary security credentials retrieved via STS (optional)
  aws_session_token: $AWS_SESSION_TOKEN
  # assume_role_name is the name of the role to assume (optional)
  assume_role_name: $AWS_ASSUME_ROLE_NAME
  # account_ids is the aws account ids which has similar assumed role name (optional)
  account_ids:
    - $AWS_ACCOUNT_ID_1
    - $AWS_ACCOUNT_ID_2

aws_access_key and aws_secret_key can be generated in the IAM console. We recommend creating a new IAM user with Read Only permissions and providing the access token for the user.

Scopes Required:

The following scopes can directly be provided to the IAM user.

EC2 - AmazonEC2ReadOnlyAccess
Route53 - AmazonRoute53ReadOnlyAccess
S3 - AmazonS3ReadOnlyAccess
Lambda - AWSLambda_ReadOnlyAccess
ELB - ElasticLoadBalancingReadOnly
Cloudfront - CloudFrontReadOnlyAccess

To also support other services, a custom policy document is provided which can directly be copy-pasted to the role to allow correct and minimal permissions.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "RequiredReadPermissions",
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeInstances",
                "ec2:DescribeRegions",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "s3:ListAllMyBuckets",
                "lambda:ListFunctions",
                "elasticloadbalancing:DescribeLoadBalancers",
                "elasticloadbalancing:DescribeTargetGroups",
                "elasticloadbalancing:DescribeTargetHealth",
                "cloudfront:ListDistributions",
                "ecs:ListClusters",
                "ecs:ListServices",
                "ecs:ListTasks",
                "ecs:DescribeTasks",
                "ecs:DescribeContainerInstances",
                "eks:ListClusters",
                "eks:DescribeCluster",
                "apigateway:GET",
                "lightsail:GetInstances",
                "lightsail:GetRegions"
            ],
            "Resource": "*"
        }
    ]
} 

References:

  1. https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_iam_read-only-console.html

  2. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html

  3. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html

Google Cloud Platform (GCP)

Supported GCP Services:

Example Config:

Google Cloud Platform can be integrated by using the following configuration block.

- provider: gcp # provider is the name of the provider
  # profile is the name of the provider profile
  id: logs
  # gcp_service_account_key is the minified json of a google cloud service account with list permissions
  gcp_service_account_key: '{xxxxxxxxxxxxx}'

gcp_service_account_key can be retrieved by creating a new service account. To do so, create service account with Read Only access to cloudresourcemanager and dns scopes in IAM. Next, generate a new account key for the Service Account by following steps in Reference 2. This should give you a json which can be pasted in a single line in the gcp_service_account_key.

Scopes Required: Cloud DNS, GKE

References:

  1. https://cloud.google.com/iam/docs/service-account-overview

Azure

Supported Azure Services:

  • Virtual Machines

Example Config:

Microsoft Azure can be integrated by using the following configuration block.

- provider: azure # provider is the name of the provider
  # id is the name defined by user for filtering (optional)
  id: staging
  # client_id is the client ID of registered application of the azure account (not requuired if using cli auth)
  client_id: $AZURE_CLIENT_ID
  # client_secret is the secret ID of registered application of the zure account (not requuired if using cli uth)
  client_secret: $AZURE_CLIENT_SECRET
  # tenant_id is the tenant ID of registered application of the azure account (not requuired if using cli auth)
  tenant_id: $AZURE_TENANT_ID
  #subscription_id is the azure subscription id
  subscription_id: $AZURE_SUBSCRIPTION_ID
  #use_cli_auth if set to true cloudlist will use azure cli auth
  use_cli_auth: true

tenant_id, client_id, client_secret can be obtained/generated from All services > Azure Active Directory > App registrations subscription_id can be retrieved from All services > Subscriptions

To use cli auth set use_cli_auth value to true and run az login in the terminal

References:

  1. https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli

  2. https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az_ad_sp_create_for_rbac

  3. https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli

Alibaba Cloud

Suppoted Alibaba Cloud Services:

  • ECS Instances

Example Config:

Alibaba Cloud can be integrated by using the following configuration block.

- provider: alibaba # provider is the name of the provider
  # id is the name defined by user for filtering (optional)
  id: staging
  # alibaba_region_id is the region id of the resources
  alibaba_region_id: $ALIBABA_REGION_ID
  # alibaba_access_key is the access key ID for alibaba cloud account
  alibaba_access_key: $ALIBABA_ACCESS_KEY
  # alibaba_access_key_secret is the secret access key for alibaba cloud account
  alibaba_access_key_secret: $ALIBABA_ACCESS_KEY_SECRET

Alibaba Cloud Access Key ID and Secret can be created by visiting https://ram.console.aliyun.com/manage/ak

References:

  1. https://www.alibabacloud.com/help/faq-detail/142101.htm

  2. https://www.alibabacloud.com/help/doc-detail/53045.htm

Infrastructure & Platform Services

Kubernetes

Support for:

  • Services

  • Ingresses

  • Cross-cloud cluster discovery

Navigate to Assets → Connect Cloud Services → Kubernetes to configure your cluster access.

Hashicorp Stack

Support for:

  • Terraform state file parsing

  • Nomad services

  • Consul services

CDN & DNS Providers

Configure these providers through Assets → Connect Cloud Services:

  • Cloudflare: DNS and CDN assets

  • Fastly: CDN endpoints

  • Namecheap: Domain management

VPS & PaaS Providers

Access these providers through Assets → Connect Cloud Services:

  • DigitalOcean: Droplets and managed services

  • Scaleway: Instances and managed services

  • Heroku: Applications and add-ons

  • Linode: Compute instances

  • Hetzner Cloud: Cloud servers

Scan Configurations

Configure custom HTTP headers, template variables, and interactsh server settings to customize your scan behavior. Access these settings at Scans → Configurations → Scan Settings.

You can configure:

  • Custom HTTP headers for scan requests

  • Template variables for scan customization

  • Interactsh server settings for OOB testing

Template Configurations

Access pre-configured templates or create custom configurations with filtered rules based on:

  • Severity levels

  • Tags

  • Protocol types

  • Template IDs

Configure these settings at Scans → Configurations → Template Profiles.

Want to write your custom templates? Learn more in our Template Editor documentation.