Chariot provides a webhook integration that allows you to send assets and risks from external applications directly to your Chariot instance. This integration is useful for connecting tools and systems that don't have an official Chariot integration.

Enable the Webhook URL

Each Chariot instance supports one active webhook. To enable the webhook for your instance:

Navigate to the Settings page.

Find the "Webhook URL" section.

Click the "Generate URL" button to create your unique Chariot Webhook URL.

If you prefer using the command line, you can enable and retrieve your webhook URL using the Praetorian CLI:

$ praetorian chariot add webhook
https://xxxxxxxxxxxx.execute-api.us-east-2.amazonaws.com/chariot/hook/:username/:pin

Add a Vulnerability

To add a vulnerability to be tracked in Chariot, send the following request:

curl -X 'POST' \
'https://<webhook.url>' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"dns": "public-facing-api.domain.com",
"name": "192.168.15.30",
"finding": "Exposed_Admin_Interface" # must match regex /^\\S+$/
}'

The risk will now appear in your Vulnerabilities page:

Add an asset

To add an asset to Chariot, send the following request:

curl -X 'POST' \
'https://<webhook.url>' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"dns": "staging.domain.com",
"name": "10.1.1.5"
}'

This will add a new asset to your Assets page:

If you run into any issues or have questions about maximizing the value of the webhook, our support team is ready to help. You can reach us at support@praetorian.com, and we'll be happy to guide you through any challenges you encounter.