Faraday cli package
Project description
Faraday on the terminal
Use faraday directly from your favorite terminal
faraday-cli is the official client that make automating your security workflows, easier.
Install from pip
pip install faraday-cli
Install from source
git clone https://github.com/infobyte/faraday-cli.git
cd faraday-cli
pip install .
Documentation
For more info you can check our documentation
Use it like a command
Login
Configure auth for farday-cli
$ faraday-cli auth
Create a workspace
When you create a workspace by default is selected as active, unless you use the "-d" flag
$ faraday-cli workspace create some_name
✔ Created workspace: some_name
Select active workspace
$ faraday-cli workspace select some_name
✔ Selected workspace: some_name
List workspaces
$ faraday-cli list_ws
NAME HOSTS SERVICES VULNS ACTIVE PUBLIC READONLY
--------- ------- ---------- ------- -------- -------- ----------
some_name 14 13 39 True False False
List hosts of a workspace
$ faraday-cli host list
ID IP OS HOSTNAMES SERVICES VULNS
---- ----------- ------- --------------- ---------- -------
574 127.0.0.1 unknown 1 3
566 127.0.0.10 unknown 1 3
569 127.0.0.11 unknown 1 3
568 127.0.0.12 unknown 1 3
570 127.0.0.13 unknown 1 3
576 127.0.0.2 unknown 1 3
565 127.0.0.3 unknown 1 3
572 127.0.0.4 unknown 1 3
573 127.0.0.5 unknown 1 3
567 127.0.0.6 unknown 1 3
571 127.0.0.7 unknown 1 3
564 127.0.0.8 unknown 1 3
575 127.0.0.9 unknown 1 3
590 58.76.184.4 unknown www.googlec.com 0 -
Get host
$ faraday-cli host get 574
$ faraday-cli host get 574
Host:
ID IP OS HOSTNAMES OWNER OWNED VULNS
---- --------- ------- ----------- ------- ------- -------
574 127.0.0.1 unknown faraday False 3
Services:
ID NAME DESCRIPTION PROTOCOL PORT VERSION STATUS VULNS
---- ------ ------------- ---------- ------ --------- -------- -------
2638 ssh tcp 22 unknown open 2
Vulnerabilities:
ID NAME SEVERITY STATUS CONFIRMED TOOL
----- ---------------------------------------- ---------- -------- ----------- -------
13509 SSH Weak Encryption Algorithms Supported MED opened False Openvas
13510 SSH Weak MAC Algorithms Supported LOW opened False Openvas
13511 TCP timestamps LOW opened False Openvas
Create hosts
$ faraday-cli host create -d \''[{"ip": "stan.local", "description": "some server"}]'\'
Or pipe it
$ echo '[{"ip": "1.1.1.5", "description": "some text"}]' | faraday-cli host create --stdin
The escaping of the single quotes (\') is only needed when using it as a command. In the shell or using pipes it not necessary
Import vulnerabilities from tool report
$ faraday-cli tool report "/path/to/report.xml"
Import vulnerabilities from command
$ faraday-cli ping -c 1 www.google.com
List agents
$ faraday-cli agent list
id name active status executors
---- -------- -------- -------- -----------
8 internal True online nmap
Run executor
$ faraday-cli agent run -a 1 -e nmap -p \''{"target": "www.google.com"}'\'
Run executor: internal/nmap [{'successful': True}]
Use it like a shell
Faraday-cli can be used as a shell and have all the same commands you have as a cli
Use cases
Continuous scan your assets with faraday
For example run nmap for all the hosts in faraday that listen on the 443 port and import the results back to faraday
$ faraday-cli host list --port 443 -ip | nmap -iL - -oX /tmp/nmap.xml && faraday-cli process_report /tmp/nmap.xml
Scan your subdomains
Use a tool like assetfinder to do a domains lookup, scan them with nmap and send de results to faraday
$ assetfinder -subs-only example.com| sort | uniq |awk 'BEGIN { ORS = ""; print " {\"target\":\""}
{ printf "%s%s", separator, $1, $2
separator = ","}END { print "\"}" }' | faraday-cli agent run -a 1 -e nmap --stdin
2.1.6 [Jul 26th, 2022]:
- Remove workspace from get/list agent and add it to run agent
2.1.5 [Jun 10th, 2022]:
- Now shell mode doesnt exit if it has faraday's url and token but the server is down
- Support multiple tags on import and run
- Update gifs of readme
2.1.4 [May 23th, 2022]:
- Check if token is valid on start in shell mode
2.1.3 [May 20th, 2022]:
- Now is possible to doesn't resolve hostname by changing resolve_hostname parameter
- Fix the colors in Severity Stats
2.1.2 [Jan 11th, 2022]:
- Update Documentation
2.1.1 [Dec 13th, 2021]:
- ADD setting to enable/disable auto command detection
- Fix error message when a command dont generate valid output
- FIX tables visualization when host has to many hostnames
- Show if update is available
2.1.0 [Nov 19th, 2021]:
- Add fields to executive reports generation command
- Add KAKER_MODE easter egg
- update plugins requirements to 1.5.6
2.0.2 [Aug 9th, 2021]:
- add --create-workspace parameter for tool command
- Ask for executive report template if not provided
- Add for executor parameters if not provided
- [FIX] Bug using an invalid executor name
- Update readme to fix some examples
2.0.1 [Jun 29th, 2021]:
- [FIX] Show help if no subcommand is provided
2.0.0 [Jun 29th, 2021]:
- [MOD] Change commands to verbs
- Enable and disable Workspaces
- Fix to use cmd2 2.0 and update requirements
- Show message if license is expired
- [MOD] Change to V3 api of faraday
- Add command to upload evidence to vuln
1.1.1 [Jun 9th, 2021]:
- Fix to use cmd2 2.0 and update requirements
- Show message if license is expired
- [MOD] Change to V3 api of faraday
1.1.0 [Apr 16th, 2021]:
- Add new command to process a tool execution
- Add command to list vulnerabilities
- Add versions to dependencies
- Add setting to ignore INFO vulns
- Show only active workspaces by default unless you use the --show-inactive parameter
- [MOD] Add support for tags
- Update faraday_plugins version dependency
- Fix create_hosts docs typo
- Show user in status
- [MOD] Update faraday-plugins
1.0.2 [Feb 17th, 2021]:
- ADD documentation (made with mkdocs)
- MOD Convert some command and help to plural
- FIX Exit shell in case of invalid authorization result
- FIX faraday 3.14.1 updated security lib, and make login bugged
1.0.1 [Jan 4th, 2021]:
- Fix error in list_host command
1.0.0 [Dec 28th, 2020]:
- Add List Services command
- Change the import command/report message
- Add support for executive reports
- Show in status if token is valid
0.1.0 [Aug 28th, 2020]:
- First version released, use with caution as it is still beta phase.
- Access a faraday server from your CLI, your CI o any other bash interpreter.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
faraday-cli-2.1.6.tar.gz
(52.1 kB
view details)
Built Distribution
File details
Details for the file faraday-cli-2.1.6.tar.gz.
File metadata
- Download URL: faraday-cli-2.1.6.tar.gz
- Upload date:
- Size: 52.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.4.2 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d3750c12470cbc2a0acb787c4c59fe4122426444e945f54240412caf17e663d5 |
|
| MD5 | 9e2c3b3bd5d848384dfe539ff021a598 |
|
| BLAKE2b-256 | 62c4efb772b3369480262865eed3a78aa6e2ddf82f6557a68cb68e08bbefc233 |
File details
Details for the file faraday_cli-2.1.6-py3-none-any.whl.
File metadata
- Download URL: faraday_cli-2.1.6-py3-none-any.whl
- Upload date:
- Size: 61.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.4.2 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 9b3829c0308aba92022103e27560a06fb01d5525100333ebf6f4f375efaba43e |
|
| MD5 | e520564a7fdc236f157e07cb375c48fb |
|
| BLAKE2b-256 | 3f2a1e9901dffb32f041dc9452fde63cdaa89ac0de0902f20ca0dec489cccc54 |
