Skip to main content

Faraday cli package

Project description

Faraday on the terminal

Use faraday directly from your favorite terminal

Example

faraday-cli is the official client that make automating your security workflows, easier.

Install from pip

pip install faraday-cli

Install from source

git clone https://github.com/infobyte/faraday-cli.git
cd faraday-cli
pip install .

Documentation

For more info you can check our documentation

Use it like a command

Login

Configure auth for farday-cli

$ faraday-cli auth

Example

Create a workspace

When you create a workspace by default is selected as active, unless you use the "-d" flag

$ faraday-cli workspace create some_name
✔ Created workspace: some_name

Select active workspace

$ faraday-cli workspace select some_name
✔ Selected workspace: some_name

List workspaces

$ faraday-cli list_ws
NAME         HOSTS    SERVICES    VULNS  ACTIVE    PUBLIC    READONLY
---------  -------  ----------  -------  --------  --------  ----------
some_name       14          13       39  True      False     False

List hosts of a workspace

$ faraday-cli host list
  ID  IP           OS       HOSTNAMES          SERVICES  VULNS
----  -----------  -------  ---------------  ----------  -------
 574  127.0.0.1    unknown                            1  3
 566  127.0.0.10   unknown                            1  3
 569  127.0.0.11   unknown                            1  3
 568  127.0.0.12   unknown                            1  3
 570  127.0.0.13   unknown                            1  3
 576  127.0.0.2    unknown                            1  3
 565  127.0.0.3    unknown                            1  3
 572  127.0.0.4    unknown                            1  3
 573  127.0.0.5    unknown                            1  3
 567  127.0.0.6    unknown                            1  3
 571  127.0.0.7    unknown                            1  3
 564  127.0.0.8    unknown                            1  3
 575  127.0.0.9    unknown                            1  3
 590  58.76.184.4  unknown  www.googlec.com           0  -

Get host

$ faraday-cli host get 574

$ faraday-cli host get 574
Host:
  ID  IP         OS       HOSTNAMES    OWNER    OWNED      VULNS
----  ---------  -------  -----------  -------  -------  -------
 574  127.0.0.1  unknown               faraday  False          3

Services:
  ID  NAME    DESCRIPTION    PROTOCOL      PORT  VERSION    STATUS      VULNS
----  ------  -------------  ----------  ------  ---------  --------  -------
2638  ssh                    tcp             22  unknown    open            2

Vulnerabilities:
   ID  NAME                                      SEVERITY    STATUS    CONFIRMED    TOOL
-----  ----------------------------------------  ----------  --------  -----------  -------
13509  SSH Weak Encryption Algorithms Supported  MED         opened    False        Openvas
13510  SSH Weak MAC Algorithms Supported         LOW         opened    False        Openvas
13511  TCP timestamps                            LOW         opened    False        Openvas

Create hosts

$ faraday-cli host create -d \''[{"ip": "stan.local", "description": "some server"}]'\'

Or pipe it

$ echo '[{"ip": "1.1.1.5", "description": "some text"}]' | faraday-cli host create --stdin

The escaping of the single quotes (\') is only needed when using it as a command. In the shell or using pipes it not necessary

Import vulnerabilities from tool report

$ faraday-cli tool report "/path/to/report.xml"

Example

Import vulnerabilities from command

$ faraday-cli ping -c 1 www.google.com

Example

List agents

$ faraday-cli agent list
  id  name      active    status    executors
----  --------  --------  --------  -----------
   8  internal  True      online    nmap

Run executor

$ faraday-cli agent run -a 1 -e nmap -p \''{"target": "www.google.com"}'\'
Run executor: internal/nmap [{'successful': True}]

Use it like a shell

Faraday-cli can be used as a shell and have all the same commands you have as a cli

Example

Use cases

Continuous scan your assets with faraday

For example run nmap for all the hosts in faraday that listen on the 443 port and import the results back to faraday

$ faraday-cli host list --port 443 -ip | nmap -iL - -oX /tmp/nmap.xml  && faraday-cli process_report /tmp/nmap.xml

Scan your subdomains

Use a tool like assetfinder to do a domains lookup, scan them with nmap and send de results to faraday

$ assetfinder -subs-only example.com| sort | uniq |awk 'BEGIN { ORS = ""; print " {\"target\":\""}
{ printf "%s%s", separator, $1, $2
separator = ","}END { print "\"}" }' | faraday-cli  agent run  -a 1 -e nmap --stdin

2.1.3 [May 20th, 2022]:

  • ADD possibility to avoid resolve hostname by changing resolve_hostname parameter
  • Fix the colors in Severity Stats

2.1.2 [Jan 11th, 2022]:

  • Update Documentation
  • Workaround for api bug

2.1.1 [Dec 13th, 2021]:

  • ADD setting to enable/disable auto command detection
  • Fix error message when a command dont generate valid output
  • FIX tables visualization when host has to many hostnames
  • Show if update is available

2.1.0 [Nov 19th, 2021]:

  • Add fields to executive reports generation command
  • Add KAKER_MODE easter egg
  • update plugins requirements to 1.5.6

2.0.2 [Aug 9th, 2021]:

  • add --create-workspace parameter for tool command
  • Ask for executive report template if not provided
  • Add for executor parameters if not provided
  • [FIX] Bug using an invalid executor name
  • Update readme to fix some examples

2.0.1 [Jun 29th, 2021]:

  • [FIX] Show help if no subcommand is provided

2.0.0 [Jun 29th, 2021]:

  • [MOD] Change commands to verbs
  • Enable and disable Workspaces
  • Fix to use cmd2 2.0 and update requirements
  • Show message if license is expired
  • [MOD] Change to V3 api of faraday
  • Add command to upload evidence to vuln

1.1.1 [Jun 9th, 2021]:

  • Fix to use cmd2 2.0 and update requirements
  • Show message if license is expired
  • [MOD] Change to V3 api of faraday

1.1.0 [Apr 16th, 2021]:

  • Add new command to process a tool execution
  • Add command to list vulnerabilities
  • Add versions to dependencies
  • Add setting to ignore INFO vulns
  • Show only active workspaces by default unless you use the --show-inactive parameter
  • [MOD] Add support for tags
  • Update faraday_plugins version dependency
  • Fix create_hosts docs typo
  • Show user in status
  • [MOD] Update faraday-plugins

1.0.2 [Feb 17th, 2021]:

  • ADD documentation (made with mkdocs)
  • MOD Convert some command and help to plural
  • FIX Exit shell in case of invalid authorization result
  • FIX faraday 3.14.1 updated security lib, and make login bugged

1.0.1 [Jan 4th, 2021]:

  • Fix error in list_host command

1.0.0 [Dec 28th, 2020]:

  • Add List Services command
  • Change the import command/report message
  • Add support for executive reports
  • Show in status if token is valid

0.1.0 [Aug 28th, 2020]:

  • First version released, use with caution as it is still beta phase.
  • Access a faraday server from your CLI, your CI o any other bash interpreter.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

faraday-cli-2.1.3.tar.gz (51.8 kB view details)

Uploaded Source

Built Distribution

faraday_cli-2.1.3-py3-none-any.whl (61.2 kB view details)

Uploaded Python 3

File details

Details for the file faraday-cli-2.1.3.tar.gz.

File metadata

  • Download URL: faraday-cli-2.1.3.tar.gz
  • Upload date:
  • Size: 51.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.3.0 pkginfo/1.4.2 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.9.2

File hashes

Hashes for faraday-cli-2.1.3.tar.gz
Algorithm Hash digest
SHA256 8734df069f41c2675ee1e960a09010565fb121795b7b07f6ad84764c7f93458c
MD5 9c84e9debac4ce1faf7e75e59a03610e
BLAKE2b-256 c24de8c4034474938dbe86be92f5bdf15e7d57d4ea3f169df0aa79620b50e665

See more details on using hashes here.

File details

Details for the file faraday_cli-2.1.3-py3-none-any.whl.

File metadata

  • Download URL: faraday_cli-2.1.3-py3-none-any.whl
  • Upload date:
  • Size: 61.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.3.0 pkginfo/1.4.2 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.9.2

File hashes

Hashes for faraday_cli-2.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 7c0f4c0b54a4095c4916b4f755b6e91961958ccafa2add7ed724aec9605f42dc
MD5 67e43e29c6acd208ed49294f567b0c16
BLAKE2b-256 4cf4789e9ececbfa7b6e70b1813fce0739fda70314ee39d8d55d56f7da1099ef

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page