aiq-platform-api 1.0.57

Utility functions for AttackIQ Platform API usage

AttackIQ Platform API

⚠️ Beta - Under active development. APIs subject to change. Feedback: rajesh.sharma@attackiq.com | Access: Request invite to AttackIQ GitHub.

Tools for interacting with the AttackIQ Platform API:

• Python SDK (aiq-platform-api) - Async library for Python applications
• CLI (aiq) - Command-line interface

---

Python SDK

Install from PyPI:

pip install aiq-platform-api

Usage

import asyncio
from aiq_platform_api import AttackIQClient, Scenarios, Assets

async def main():
    async with AttackIQClient(
        "https://your-platform.attackiq.com",
        "your-api-token"
    ) as client:
        # Search scenarios
        result = await Scenarios.search_scenarios(client, query="powershell", limit=10)
        print(f"Found {result['count']} scenarios")

        # List assets
        async for asset in Assets.get_assets(client, limit=5):
            print(asset["hostname"])

asyncio.run(main())

---

Configuration

Both the SDK and CLI require these environment variables:

export ATTACKIQ_PLATFORM_URL="https://your-platform.attackiq.com"
export ATTACKIQ_PLATFORM_API_TOKEN="your-api-token"

Or create a .env file in your working directory (auto-loaded).

---

TLS Verification (on-prem / self-signed certificates)

On-prem servers often present self-signed or non-standards-compliant certificates. Both the CLI and SDK can skip verification or trust a custom CA bundle.

Caveat: the error x509: certificate is not standards compliant is a strict certificate-parse rejection, not an untrusted-CA error. Only skipping verification (--insecure / verify=False) fixes it — a custom CA bundle (--cacert / verify="<path>") will not.

Shared environment variables (read by both the CLI and the SDK):

export ATTACKIQ_PLATFORM_INSECURE=true            # skip TLS verification (insecure)
export ATTACKIQ_PLATFORM_CA_BUNDLE=/path/ca.pem   # verify against a custom CA bundle (PEM)

ATTACKIQ_PLATFORM_INSECURE accepts 1, true, yes, or on (case-insensitive). When both vars are set, insecure wins. Disabling verification emits a visible warning.

CLI

aiq assets list -k                       # or --insecure; skip verification
aiq assets list --cacert /path/ca.pem    # verify against a custom CA bundle

A flag overrides the matching env var (e.g. --insecure=false keeps verification on even when ATTACKIQ_PLATFORM_INSECURE=true).

Python SDK

AttackIQClient(url, token, verify=False)           # skip verification (insecure)
AttackIQClient(url, token, verify="/path/ca.pem")  # verify against a custom CA bundle

When verify is omitted it falls back to the ATTACKIQ_PLATFORM_INSECURE / ATTACKIQ_PLATFORM_CA_BUNDLE env vars; an explicit argument always wins.

---

CLI

Quick Install (Recommended)

Linux / macOS

GITHUB_TOKEN="your_token" sh -c 'curl -fsSL -H "Authorization: token $GITHUB_TOKEN" \
  https://raw.githubusercontent.com/AttackIQ/aiq-platform-api/main/install.sh | sh'

Add to PATH (first time only):

echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.zshrc  # or ~/.bashrc

Auto-detects OS/arch, installs to ~/.local/bin (no sudo).

Windows (Native)

PowerShell installer:

$env:GITHUB_TOKEN = "your_token"
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/AttackIQ/aiq-platform-api/main/install.ps1" -Headers @{Authorization="token $env:GITHUB_TOKEN"} -OutFile "$env:TEMP\install.ps1"
powershell -ExecutionPolicy Bypass -File "$env:TEMP\install.ps1"

Installs to %LOCALAPPDATA%\Programs\aiq and adds to PATH automatically.

Usage

# List available commands
aiq --help

# List assessments
aiq assessments list

# Search assets
aiq assets search --query "hostname"

# Get scenario details
aiq scenarios get --scenario-id "abc123"

Shell Completion

The CLI supports shell completion for bash, zsh, fish, and PowerShell.

Bash

Current session:

source <(aiq completion bash)

Permanent installation:

# Linux
aiq completion bash | sudo tee /etc/bash_completion.d/aiq

# macOS
aiq completion bash > $(brew --prefix)/etc/bash_completion.d/aiq

Zsh

Current session:

source <(aiq completion zsh)

Permanent installation:

# Add to ~/.zshrc
echo "source <(aiq completion zsh)" >> ~/.zshrc

# Or install to completions directory
aiq completion zsh > "${fpath[1]}/_aiq"

Fish

Permanent installation:

aiq completion fish | source

# Or save to completions directory
aiq completion fish > ~/.config/fish/completions/aiq.fish

PowerShell

Current session:

aiq completion powershell | Out-String | Invoke-Expression

Permanent installation: Add the following to your PowerShell profile:

aiq completion powershell | Out-String | Invoke-Expression

Contributing

We welcome feedback and contributions! For detailed contribution guidelines, please see CONTRIBUTING.md.

Quick ways to contribute:

• Open issues for bugs or feature requests
• Submit pull requests
• Provide feedback on the API design

License

MIT License - See LICENSE file for details