This guide will use Python to connect to ASM via API to create and/or delete.
The script will contain a menu with 3 options
- List current projects and project ID
- Create New Project
- Delete Project
Step 1: Import "request" Module & Create Main Function
import requests
def main():
try:
# Input API key and Secret via api_credentials.json file
with open('api_credentials.json', 'r') as file:
credentials = json.load(file)
api_key = credentials.get('api_key')
api_secret = credentials.get('api_secret')
except FileNotFoundError:
# Error message if api_credentials.json file is not found
print("Error: api_credentials.json not found.")
exit(1)
except json.JSONDecodeError:
# Error message if api_credentials.json is not formated correctly
print("Error: Unable to parse api_credentials.json.")
exit(1)
The main function will look for file api_credentials.json to be in the same directory of the script. This file will contain the API Key and Secret.
The format should be:
{"api_key": "xxxxxxxxxxxxxxxxxxx", "api_secret": "xxxxxxxxxxxxxxxxxxxx"}
Step 2: Add get_project Function To List Existing Projects
def get_projects(api_key, api_secret):
# API Key and Secret gathered from api_credentials.json file
headers = {
'INTRIGUE_ACCESS_KEY': api_key,
'INTRIGUE_SECRET_KEY': api_secret
}
base_projects ="https://asm-api.advantage.mandiant.com/api/v1/projects"
try:
response = requests.get(base_projects, headers=headers)
if response.status_code == 200:
json_output = response.json()
projects = json_output.get('result', [])
return projects
else:
print(f"Error: {response.status_code}, {response.text}")
return []
except requests.RequestException as e:
print(f"Request failed: {e}")
return []
Step 3: Create create_project Function
def create_project(api_key, api_secret, project_name):
headers = {
'INTRIGUE_ACCESS_KEY': api_key,
'INTRIGUE_SECRET_KEY': api_secret
}
base_projects = "https://asm-api.advantage.mandiant.com/api/v1/projects"
confirmation = input(f"Are you sure you want to create a new project named '{project_name}'? (y/n): ").lower()
if confirmation != 'y':
print("New project creation canceled.")
new_project_payload = {"name": project_name}
try:
response = requests.post(base_projects, headers=headers, json=new_project_payload)
if response.status_code == 200:
print(f"New project created successfully!")
else:
print(f"Error: {response.status_code}, {response.text}")
except requests.RequestException as e:
print(f"Request failed: {e}")
Step 4: Create delete_project
def delete_project(api_key, api_secret):
uuid = input("Enter Project UUID you want to delete...")
headers = {
'INTRIGUE_ACCESS_KEY': api_key,
'INTRIGUE_SECRET_KEY': api_secret
}
base_url = "https://asm-api.advantage.mandiant.com"
url_delete_project = f"/api/v1/projects/{uuid}"
base_projects = base_url + url_delete_project
confirmation = input(f"Are you sure you want to delete project UUID '{uuid}'? (y/n): ").lower()
if confirmation != 'y':
print("New project has been canceled.")
return
try:
response = requests.delete(base_projects, headers=headers, json=uuid)
if response.status_code == 200:
print("Project Deleted Successfully!")
else:
print(f"Error: {response.status_code}, {response.text}")
except requests.RequestException as e:
print(f"Request failed: {e}")
Step 5: Create Menu in main project
while True:
print("Menu:")
print("1. Display Projects Information")
print("2. Create a New Project")
print("3. Delete Project")
print("4. Exit")
choice = input("Enter your choice (1/2/3/4): ")
if choice == '1':
display_projects(api_key, api_secret)
elif choice == '2':
create_project(api_key, api_secret)
elif choice == '3':
delete_project(api_key, api_secret)
elif choice == '4':
print("Exiting the program. Goodbye!")
break
else:
print("Invalid choice. Please enter a valid option.")
if __name__ == "__main__":
main()
Reference: ASM API Documentation