harfanglab

HarfangLab is an Endpoint detection and response (EDR) solution certified by ANSSI since 2020
Configuration
Name |
Type |
Description |
url |
string |
URL of the HarfangLab instance |
api_token |
string |
Authentication token for the API |
Actions
List named pipes
Get the list of named pipe on the systems
Arguments
Name |
Type |
Description |
target_agents |
string |
Targeted agents identifier |
target_groups |
string |
Targeted groups identifier |
Outputs
Name |
Type |
Description |
id |
str |
Identifier of the job |
action |
str |
Name of job action |
creationtime |
string |
Creation date of the job |
parameters |
object |
Parameters of the job |
List processes
Get the list of processes on the systems
Arguments
Name |
Type |
Description |
target_agents |
string |
Targeted agents identifier |
target_groups |
string |
Targeted groups identifier |
get_connections_list |
boolean |
Get list of connections (listening and connected sockets) |
get_handles_list |
boolean |
Get list of open handles |
get_signatures_list |
boolean |
Get signature info of processes and DLLs |
Outputs
Name |
Type |
Description |
id |
str |
Identifier of the job |
action |
str |
Name of job action |
creationtime |
string |
Creation date of the job |
parameters |
object |
Parameters of the job |
Module harfanglab v.1.9