Report Type

Vulnerability Catalog

Complete inventory of all detected vulnerabilities with filtering, sorting, and export options. The comprehensive reference for tracking security issues.

Overview

The Vulnerability Catalog provides a complete, searchable inventory of all security findings. Use it to track remediation progress, export to ticketing systems, and generate compliance evidence.

Bash
# Generate vulnerability catalog
bloodhound report catalog --output catalog.html

# Interactive catalog (opens in browser)
bloodhound report catalog --interactive

# Export all findings to CSV for spreadsheet analysis
bloodhound report catalog --format csv --output findings.csv

# JSON for programmatic access
bloodhound report catalog --format json --output catalog.json

Critical: 3 findings
High: 12 findings
Medium: 34 findings
Low: 21 findings

Catalog Structure

Text
# Vulnerability Catalog Output

═══════════════════════════════════════════════════════════════════
 VULNERABILITY CATALOG
 Total: 70 findings
 Generated: 2024-01-15 14:32:00 UTC
═══════════════════════════════════════════════════════════════════

ID          Severity  CWE       Category           File                     Line
────────────────────────────────────────────────────────────────────────────────
SQL-001     CRITICAL  CWE-89    SQL Injection      src/api/users.ts         142
SQL-002     CRITICAL  CWE-89    SQL Injection      src/api/products.ts      89
AUTH-001    CRITICAL  CWE-287   Auth Bypass        src/middleware/auth.ts   34
XSS-001     HIGH      CWE-79    Cross-Site Script  src/views/profile.tsx    156
XSS-002     HIGH      CWE-79    Cross-Site Script  src/views/comment.tsx    78
DEPS-001    HIGH      CWE-1395  Vulnerable Dep     package.json             -
DEPS-002    HIGH      CWE-1395  Vulnerable Dep     package.json             -
CRYPTO-001  HIGH      CWE-327   Weak Crypto        src/utils/encrypt.ts     23
PATH-001    MEDIUM    CWE-22    Path Traversal     src/api/files.ts         67
CSRF-001    MEDIUM    CWE-352   Missing CSRF       src/routes/admin.ts      45
...         ...       ...       ...                ...                      ...

────────────────────────────────────────────────────────────────────────────────
Showing 10 of 70 findings. Use --all to show all findings.

SUMMARY BY CATEGORY
───────────────────────────────────────────────────────────────────
Injection      │████████████████████│ 18 (26%)
Authentication │█████████░░░░░░░░░░░│ 9 (13%)
Cryptography   │██████░░░░░░░░░░░░░░│ 6 (9%)
XSS            │████████████░░░░░░░░│ 12 (17%)
Dependencies   │████████░░░░░░░░░░░░│ 8 (11%)
Access Control │██████████░░░░░░░░░░│ 10 (14%)
Other          │███████░░░░░░░░░░░░░│ 7 (10%)

Filtering & Sorting

Powerful filtering options to find exactly what you need.

Filter Options

  • By severity level
  • By CWE category
  • By file path pattern
  • By detection engine
  • By status (open/fixed)

Sort Options

  • By severity (default)
  • By file path
  • By category
  • By detection date
  • By confidence score

Bash
# Filter by severity
bloodhound report catalog --severity critical,high

# Filter by category
bloodhound report catalog --category injection,xss

# Filter by file pattern
bloodhound report catalog --path "src/api/**/*.ts"

# Filter by CWE
bloodhound report catalog --cwe 89,79,22

# Filter by engine
bloodhound report catalog --engine taint,sast

# Combine filters
bloodhound report catalog \
  --severity critical,high \
  --category injection \
  --path "src/**" \
  --since 2024-01-01

# Sort options
bloodhound report catalog --sort severity # Default
bloodhound report catalog --sort file
bloodhound report catalog --sort date-desc
bloodhound report catalog --sort confidence

# Search by text
bloodhound report catalog --search "password"
bloodhound report catalog --search "SQL"

# Pagination
bloodhound report catalog --limit 50 --offset 0

Grouping Options

Group findings by different criteria for easier analysis.

Bash
# Group by file
bloodhound report catalog --group-by file

# Output:
# src/api/users.ts (5 findings)
# ├── SQL-001 [CRITICAL] SQL Injection (line 142)
# ├── XSS-003 [HIGH] Reflected XSS (line 89)
# ├── AUTH-002 [MEDIUM] Weak Session (line 234)
# └── ...

# Group by category
bloodhound report catalog --group-by category

# Output:
# SQL Injection (3 findings)
# ├── SQL-001 [CRITICAL] src/api/users.ts:142
# ├── SQL-002 [CRITICAL] src/api/products.ts:89
# └── SQL-003 [HIGH] src/api/orders.ts:156

# Group by severity
bloodhound report catalog --group-by severity

# Group by CWE
bloodhound report catalog --group-by cwe

# Group by team (requires team configuration)
bloodhound report catalog --group-by team

# Nested grouping
bloodhound report catalog --group-by severity,category

Export Formats

Export the catalog in various formats for different use cases.

CSV

.csv

Spreadsheet-compatible format for Excel, Google Sheets, or custom analysis.

JSON

.json

Machine-readable format for CI/CD integration and custom tooling.

SARIF

.sarif

Static Analysis Results Interchange Format for GitHub/GitLab integration.

HTML

.html

Interactive web report with filtering, sorting, and search capabilities.

Bash
# Export all formats
bloodhound report catalog --format csv --output catalog.csv
bloodhound report catalog --format json --output catalog.json
bloodhound report catalog --format sarif --output catalog.sarif
bloodhound report catalog --format html --output catalog.html

# Multiple formats at once
bloodhound report catalog \
  --output catalog.csv \
  --output catalog.json \
  --output catalog.html
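
A CSV export can drive remediation tracking and a CI gate that blocks only on newly introduced critical or high findings. The following is an added example, not part of Bloodhound or its documentation. It assumes the CSV header row uses the column names from the catalog table above (ID, Severity, CWE, Category, File, Line) and that finding IDs stay stable between scans; the sample rows are constructed.

```python
import csv
import io

# Constructed sample exports. The header names mirror the catalog table
# columns shown on this page and are an assumption about the CSV layout.
BASELINE_CSV = """ID,Severity,CWE,Category,File,Line
SQL-001,CRITICAL,CWE-89,SQL Injection,src/api/users.ts,142
XSS-001,HIGH,CWE-79,Cross-Site Script,src/views/profile.tsx,156
PATH-001,MEDIUM,CWE-22,Path Traversal,src/api/files.ts,67
"""
CURRENT_CSV = """ID,Severity,CWE,Category,File,Line
SQL-001,CRITICAL,CWE-89,SQL Injection,src/api/users.ts,149
AUTH-001,CRITICAL,CWE-287,Auth Bypass,src/middleware/auth.ts,34
PATH-001,MEDIUM,CWE-22,Path Traversal,src/api/files.ts,67
CSRF-001,MEDIUM,CWE-352,Missing CSRF,src/routes/admin.ts,45
"""

BLOCKING = {"CRITICAL", "HIGH"}  # severities that fail the build when new


def load(text):
    """Index findings by ID; reject rows missing an ID or severity."""
    findings = {}
    for row in csv.DictReader(io.StringIO(text)):
        fid = (row.get("ID") or "").strip()
        sev = (row.get("Severity") or "").strip().upper()
        if not fid or not sev:
            raise ValueError(f"malformed catalog row: {row}")
        findings[fid] = {**row, "Severity": sev}
    return findings


def diff(baseline, current):
    """Classify findings as new, fixed or still open, keyed on finding ID."""
    new = sorted(current.keys() - baseline.keys())
    fixed = sorted(baseline.keys() - current.keys())
    still_open = sorted(current.keys() & baseline.keys())
    return new, fixed, still_open


def gate(baseline_text, current_text):
    """Return (exit_code, blocking_ids); exit code 1 if a new blocking finding appeared."""
    baseline, current = load(baseline_text), load(current_text)
    new, fixed, still_open = diff(baseline, current)
    blocking = [f for f in new if current[f]["Severity"] in BLOCKING]
    print(f"new={new} fixed={fixed} still_open={still_open}")
    return (1 if blocking else 0), blocking


if __name__ == "__main__":
    raise SystemExit(gate(BASELINE_CSV, CURRENT_CSV)[0])
```

Because findings are matched on ID rather than line number, SQL-001 moving from line 142 to 149 is reported as still open, not as one fixed and one new finding.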

Tool Integration

Export findings directly to issue trackers and security platforms.

Bash
# Export to Jira
bloodhound report catalog --export jira \
  --jira-url https://company.atlassian.net \
  --jira-project SEC \
  --severity critical,high

# Export to GitHub Issues
bloodhound report catalog --export github-issues \
  --repo owner/repo \
  --labels security,vulnerability

# Export to GitLab Issues
bloodhound report catalog --export gitlab-issues \
  --project-id 12345

# Export to ServiceNow
bloodhound report catalog --export servicenow \
  --instance company.service-now.com \
  --table sn_vul_vulnerability

# Export to DefectDojo
bloodhound report catalog --export defectdojo \
  --url https://defectdojo.company.com \
  --product-id 1 \
  --engagement-id 2

# Sync status back from issue tracker
bloodhound sync jira --project SEC

Two-Way Sync

Enterprise plans support bidirectional sync. When issues are closed in your tracker, findings are automatically marked as resolved in Bloodhound.