Adding and Managing Seeds

What are seeds?

Chariot uses "seeds" to start its search for risks in your environment. A seed is an origin point for asset discovery. Chariot supports the following types of seeds:

  • Root domains (acme.com)
  • Hostnames (web01.acme.com)
  • CIDR ranges (35.196.215.0/24)
  • IP addresses (35.196.215.192)
  • GitHub organizations (https://github.com/praetorian-inc)
  • GitHub repositories (https://github.com/praetorian-inc/noseyparker)
  • Cloud integrations*

Chariot expands the enumeration scope iteratively until it exhausts all assets discoverable from the provided seeds. For example, starting with a root domain, Chariot might discover subdomains under the root, one of which hosts a web server whose TLS certificate contains additional linked domains. 

*Note: Chariot currently uses a different flow to add cloud seeds, such as AWS accounts, GCP projects, or Azure subscriptions. To add cloud seeds to your Chariot instance, please refer to Cloud Providers. You may, however, use the instructions on this page to add generic seed types that merely correspond to assets in a cloud environment, such as IP addresses or domain names that point to cloud-hosted machines.

Viewing seeds

Access the Seeds page from the Attack Surface menu in the top left corner:

The Seeds page contains information about each seed, such as its current status and age. The cards at the top provide counts of each seed type and allow you to filter to those seed types by clicking on them.

Adding seeds

To add new seeds to Chariot, click Add Seeds from the Actions menu:

Type your seed in the Add Seed box. If you need to add multiple seeds at once, drag a text file containing your seeds to the Bulk Upload section instead:

 

If using the Bulk Upload section, your seeds file must specify one seed per line, like so:

gladiator.systems
praetorian.com
35.196.215.0/24
https://github.com/gl4diat0r
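
A pre-upload check for a Bulk Upload seeds file, added here as an illustration and not Praetorian's or Chariot's own code: it classifies each line into the seed types listed on this page and reports lines that fit none of them. The `classify` and `lint` names, the two-label root-domain heuristic, and the rejection of private address space are assumptions of this example, not documented Chariot behavior.

```python
import ipaddress
from urllib.parse import urlsplit

SAMPLE = "\n".join([  # constructed input: the page's seeds plus lines that should be flagged
    "gladiator.systems", "praetorian.com", "35.196.215.0/24", "https://github.com/gl4diat0r",
    "web01.acme.com", "35.196.215.192", "https://github.com/praetorian-inc/noseyparker",
    "10.0.0.0/8", "35.196.215.7/24", "praetorian.com", "not a seed"])

def classify(seed):
    """Return one of the page's seed types for a line, or raise ValueError."""
    if seed.startswith(("http://", "https://")):
        url = urlsplit(seed)
        parts = [p for p in url.path.split("/") if p]
        if url.hostname != "github.com" or len(parts) not in (1, 2):
            raise ValueError("not a GitHub organization or repository URL")
        return "github-org" if len(parts) == 1 else "github-repo"
    try:
        net = ipaddress.ip_network(seed, strict=True)  # strict rejects 35.196.215.7/24
    except ValueError:
        if "/" in seed:
            raise  # looked like a CIDR range but is malformed
    else:
        if net.is_private:  # assumption: private space is out of reach for external discovery
            raise ValueError("private address space")
        return "cidr" if "/" in seed else "ip"
    labels = seed.lower().rstrip(".").split(".")
    ok = all(lab.isascii() and lab.replace("-", "").isalnum() and len(lab) <= 63
             and lab[0] != "-" and lab[-1] != "-" for lab in labels)
    if len(labels) < 2 or not ok or labels[-1].isdigit():
        raise ValueError("not a domain, hostname, IP, CIDR or GitHub URL")
    return "root-domain" if len(labels) == 2 else "hostname"  # heuristic; wrong for co.uk

def lint(text):
    """Check a one-seed-per-line file; return (accepted, problems)."""
    accepted, problems, seen = [], [], set()
    for n, seed in enumerate(map(str.strip, text.splitlines()), 1):
        if not seed:
            continue
        try:
            if seed.lower() in seen:
                raise ValueError("duplicate of an earlier line")
            seen.add(seed.lower())
            accepted.append((seed, classify(seed)))
        except ValueError as err:
            problems.append((n, seed, str(err)))
    return accepted, problems

if __name__ == "__main__":
    print(*lint(SAMPLE)[1], sep="\n")
```

Each entry in `problems` carries the line number, the offending text and the reason, so the file can be corrected before it is dragged into the Bulk Upload section.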

After receiving new seeds, Chariot will begin enumerating each seed for assets using whois, subdomain enumerators, port scanners, web crawling, and other techniques. Each day, Chariot will repeat all enumeration tasks against all seeds in your instance to discover assets created after the seed was added.

Freeze a seed

Chariot will cease all scanning against assets associated with frozen seeds. You can freeze a seed by selecting Freeze from the three-dot menu on a seed entry:

You can re-activate a seed when you wish to resume scanning:

Delete a seed

Deleting a seed permanently removes it from the system. Assets associated with deleted seeds will expire and age out of the system after seven days. 

To delete a seed, select Delete from the three-dot menu in a seed entry:

Export the seeds

To receive a machine-readable list of your seeds, click one of the Export options from the Actions drop-down menu. This will export all seeds in your account into the chosen file format:

Bulk operations

Chariot supports bulk operations against seeds. To perform any of the operations above against multiple seeds, select each seed you would like to include and click the desired action from the Actions tab:
