Managing Assets

Overview

Assets in Pulsar represent the primary organizational targets you wish to monitor. An asset acts as a root container for all discovered subdomains, IP addresses, and cloud resources. By defining an asset, you establish a scope for Pulsar's automated discovery engines to map an organization's public-facing footprint.

Pulsar organizes data in a hierarchical structure:

1. Asset: The organization or main project (e.g., "Acme Corp").
2. Domain: Registered TLDs and discovered subdomains (e.g., acme.com, api.acme.com).
3. IPv4 Address: Network endpoints resolved from domains or discovered via scanning.

Creating and Configuring Assets

To start a discovery process, you must first define an asset. This can be done through the Pulsar Dashboard or via the REST API.

Via the Web Interface

1. Navigate to the Assets section.
2. Click Create New Asset.
3. Provide a Name and a Description.
4. (Optional) Assign the asset to a Collaboration Group to share access with other team members.

Via the REST API

Assets are managed through the /api/assets/ endpoint.

Request: POST /api/assets/

{
    "name": "Target Organization",
    "description": "Main footprint tracking for Q3",
    "collaboration_groups": [1, 5]
}

Response Properties:

• id (Integer): Unique identifier for the asset.
• owner (String): The username of the asset creator.
• created_at (Timestamp): Date of creation.
• domain_count (Integer): Total number of domains linked to this asset.

Tracking Infrastructure Changes

Pulsar is designed to monitor "asset drift"—changes in the infrastructure over time. As scans run, the system automatically populates the asset's inventory.

Domain Discovery

Once an asset is defined, you can initiate a scan policy. Pulsar utilizes integrated tools like OWASP Amass and RIPEstat API to identify:

• Subdomains and horizontal TLDs.
• Whois information and registration details.
• Associated IP addresses.

Vulnerability Scoring

Each asset is assigned a basic vulnerability score based on the findings from integrated scanners (Nmap, SSH Audit, WhatWeb). This score is aggregated at the Asset level to help you prioritize which targets require immediate attention.

Internal Logic: Asset Calculation

While the frontend displays high-level metrics, the backend utilizes calc_asset_by_task to update asset metadata after every scan.

• New Domains: Detected via checkForNewDomains and automatically linked to the parent Asset.
• Vulnerability Updates: Triggered by checkForNewVuln when a scan identifies a service change or a new CVE matching the NVD Data Feed.

Collaboration and Permissions

Pulsar supports multi-user environments through Django-based group permissions.

• Ownership: The user who creates an asset is the primary owner.
• Shared Access: By adding an asset to a "Collaboration Group," any user within that group can view scan results, trigger new scans, and export data.
• Filtering: The API automatically filters results based on your user profile. You will only see assets you own or those shared with your groups.

API Access Control

When querying assets or related infrastructure (Domains/IPs), the BaseViewSet ensures data isolation:

GET /api/assets/
Authorization: Token <your_api_token>

Returns only the assets the authenticated user is authorized to access.

Data Visualization

The Data Visualization module transforms the asset inventory into a relational graph. This allows you to see:

• The relationship between domains and shared IP blocks.
• Clusters of vulnerable services.
• Infrastructure dependencies (e.g., multiple subdomains pointing to a single cloud provider).

To view this, select an asset from the dashboard and click the Graph View icon. This is particularly useful for identifying "Low-Hanging Fruit" in wide scopes.