# Faraday on the terminal
Use faraday directly from your favorite terminal
faraday-cli is the official client that make automating your security workflows, easier.
## Install from pip
```
pip install faraday-cli
```
## Install from source
```shell script
git clone https://github.com/infobyte/faraday-cli.git
cd faraday-cli
pip install .
```
## Documentation
For more info you can check our [documentation][doc]
## Use it like a command
### Login
Configure auth for farday-cli
```shell script
$ faraday-cli auth
```
### Create a workspace
When you create a workspace by default is selected as active, unless you use the "-d" flag
```shell script
$ faraday-cli workspace create some_name
✔ Created workspace: some_name
```
### Select active workspace
```shell script
$ faraday-cli workspace select some_name
✔ Selected workspace: some_name
```
### List workspaces
```shell script
$ faraday-cli list_ws
NAME HOSTS SERVICES VULNS ACTIVE PUBLIC READONLY
--------- ------- ---------- ------- -------- -------- ----------
some_name 14 13 39 True False False
```
### List hosts of a workspace
```shell script
$ faraday-cli host list
ID IP OS HOSTNAMES SERVICES VULNS
---- ----------- ------- --------------- ---------- -------
574 127.0.0.1 unknown 1 3
566 127.0.0.10 unknown 1 3
569 127.0.0.11 unknown 1 3
568 127.0.0.12 unknown 1 3
570 127.0.0.13 unknown 1 3
576 127.0.0.2 unknown 1 3
565 127.0.0.3 unknown 1 3
572 127.0.0.4 unknown 1 3
573 127.0.0.5 unknown 1 3
567 127.0.0.6 unknown 1 3
571 127.0.0.7 unknown 1 3
564 127.0.0.8 unknown 1 3
575 127.0.0.9 unknown 1 3
590 58.76.184.4 unknown www.googlec.com 0 -
```
### Get host
```shell script
$ faraday-cli host get 574
$ faraday-cli host get 574
Host:
ID IP OS HOSTNAMES OWNER OWNED VULNS
---- --------- ------- ----------- ------- ------- -------
574 127.0.0.1 unknown faraday False 3
Services:
ID NAME DESCRIPTION PROTOCOL PORT VERSION STATUS VULNS
---- ------ ------------- ---------- ------ --------- -------- -------
2638 ssh tcp 22 unknown open 2
Vulnerabilities:
ID NAME SEVERITY STATUS CONFIRMED TOOL
----- ---------------------------------------- ---------- -------- ----------- -------
13509 SSH Weak Encryption Algorithms Supported MED opened False Openvas
13510 SSH Weak MAC Algorithms Supported LOW opened False Openvas
13511 TCP timestamps LOW opened False Openvas
```
### Create hosts
```shell script
$ faraday-cli host create -d \''[{"ip": "stan.local", "description": "some server"}]'\'
```
Or pipe it
```shell script
$ echo '[{"ip": "1.1.1.5", "description": "some text"}]' | faraday-cli host create --stdin
```
**The escaping of the single quotes (\\') is only needed when using it as a command.
In the shell or using pipes it not necessary**
### Import vulnerabilities from tool report
```shell script
$ faraday-cli tool report "/path/to/report.xml"
```
### Import vulnerabilities from command
```shell script
$ faraday-cli ping -c 1 www.google.com
```
### List agents
```shell script
$ faraday-cli agent list
id name active status executors
---- -------- -------- -------- -----------
8 internal True online nmap
```
### Run executor
```shell script
$ faraday-cli agent run -a 1 -e nmap -p \''{"target": "www.google.com"}'\'
Run executor: internal/nmap [{'successful': True}]
```
## Use it like a shell
Faraday-cli can be used as a shell and have all the same commands you have as a cli
## Use cases
### Continuous scan your assets with faraday
For example run nmap for all the hosts in faraday that listen on the 443 port and import the results back to faraday
```shell
$ faraday-cli host list --port 443 -ip | nmap -iL - -oX /tmp/nmap.xml && faraday-cli process_report /tmp/nmap.xml
```
### Scan your subdomains
Use a tool like assetfinder to do a domains lookup, scan them with nmap and send de results to faraday
```shell
$ assetfinder -subs-only example.com| sort | uniq |awk 'BEGIN { ORS = ""; print " {\"target\":\""}
{ printf "%s%s", separator, $1, $2
separator = ","}END { print "\"}" }' | faraday-cli agent run -a 1 -e nmap --stdin
```
[doc]: https://docs.faraday-cli.faradaysec.com
2.1.11 [Feb 26th, 2024]:
---
* [FIX] Fix workspace activation. #87
2.1.10 [Apr 5th, 2023]:
---
* [MOD] Change resolve_hostname to false for default, add the --resolve-hostname flag for host create and add --force flag to tool run to process the output of the command regardless of the return code. #79
2.1.9 [Dec 15th, 2022]:
---
* [ADD] Add vuln delete vuln-id.
2.1.8 [OCt 27th, 2022]:
---
* [ADD] New method to update existing vuln.
2.1.7 [Sep 13th, 2022]:
---
* Add personal status.
* Replace the apply_tag function with plugins parameters.
* Update agents docs.
2.1.6 [Jul 26th, 2022]:
---
* Remove workspace from get/list agent and add it to run agent.
2.1.5 [Jun 10th, 2022]:
---
* Now shell mode doesn't exit if it has faraday's url and token but the server is down.
* Support multiple tags on import and run.
* Update gifs of readme.
2.1.4 [May 23th, 2022]:
---
* Check if token is valid on start in shell mode.
2.1.3 [May 20th, 2022]:
---
* Now is possible to doesn't resolve hostname by changing resolve_hostname parameter.
* Fix the colors in Severity Stats.
2.1.2 [Jan 11th, 2022]:
---
* Update Documentation.
2.1.1 [Dec 13th, 2021]:
---
* ADD setting to enable/disable auto command detection.
* Fix error message when a command dont generate valid output.
* FIX tables visualization when host has to many hostnames.
* Show if update is available.
2.1.0 [Nov 19th, 2021]:
---
* Add fields to executive reports generation command.
* Add KAKER_MODE easter egg.
* Update plugins requirements to 1.5.6
2.0.2 [Aug 9th, 2021]:
---
* add --create-workspace parameter for tool command
* Ask for executive report template if not provided
* Add for executor parameters if not provided
* [FIX] Bug using an invalid executor name
* Update readme to fix some examples
2.0.1 [Jun 29th, 2021]:
---
* [FIX] Show help if no subcommand is provided
2.0.0 [Jun 29th, 2021]:
---
* [MOD] Change commands to verbs
* Enable and disable Workspaces
* Fix to use cmd2 2.0 and update requirements
* Show message if license is expired
* [MOD] Change to V3 api of faraday
* Add command to upload evidence to vuln
1.1.1 [Jun 9th, 2021]:
---
* Fix to use cmd2 2.0 and update requirements
* Show message if license is expired
* [MOD] Change to V3 api of faraday
1.1.0 [Apr 16th, 2021]:
---
* Add new command to process a tool execution
* Add command to list vulnerabilities
* Add versions to dependencies
* Add setting to ignore INFO vulns
* Show only active workspaces by default unless you use the --show-inactive parameter
* [MOD] Add support for tags
* Update faraday_plugins version dependency
* Fix create_hosts docs typo
* Show user in status
* [MOD] Update faraday-plugins
1.0.2 [Feb 17th, 2021]:
---
* ADD documentation (made with mkdocs)
* MOD Convert some command and help to plural
* FIX Exit shell in case of invalid authorization result
* FIX faraday 3.14.1 updated security lib, and make login bugged
1.0.1 [Jan 4th, 2021]:
---
* Fix error in list_host command
1.0.0 [Dec 28th, 2020]:
---
* Add List Services command
* Change the import command/report message
* Add support for executive reports
* Show in status if token is valid
0.1.0 [Aug 28th, 2020]:
---
* First version released, use with caution as it is still beta phase.
* Access a faraday server from your CLI, your CI o any other bash interpreter.
Raw data
{
"_id": null,
"home_page": "https://github.com/infobyte/faraday-cli",
"name": "faraday-cli",
"maintainer": "",
"docs_url": null,
"requires_python": ">3.7.0",
"maintainer_email": "",
"keywords": "",
"author": "Faradaysec",
"author_email": "devel@faradaysec.com",
"download_url": "https://files.pythonhosted.org/packages/bd/f0/37d0fe4eb4ba02553ee8b30eff88af292f0c9559b455d09d5ed2786a8716/faraday-cli-2.1.11.tar.gz",
"platform": null,
"description": "# Faraday on the terminal\nUse faraday directly from your favorite terminal\n\n\n\nfaraday-cli is the official client that make automating your security workflows, easier.\n\n## Install from pip\n\n```\npip install faraday-cli\n```\n\n## Install from source\n```shell script\ngit clone https://github.com/infobyte/faraday-cli.git\ncd faraday-cli\npip install .\n```\n\n## Documentation\n\nFor more info you can check our [documentation][doc]\n\n\n## Use it like a command\n\n### Login\n\nConfigure auth for farday-cli\n\n```shell script\n$ faraday-cli auth\n```\n\n\n\n### Create a workspace\nWhen you create a workspace by default is selected as active, unless you use the \"-d\" flag\n```shell script\n$ faraday-cli workspace create some_name\n\u2714 Created workspace: some_name\n```\n\n### Select active workspace\n\n```shell script\n$ faraday-cli workspace select some_name\n\u2714 Selected workspace: some_name\n```\n\n### List workspaces\n\n```shell script\n$ faraday-cli list_ws\nNAME HOSTS SERVICES VULNS ACTIVE PUBLIC READONLY\n--------- ------- ---------- ------- -------- -------- ----------\nsome_name 14 13 39 True False False\n```\n\n### List hosts of a workspace\n\n```shell script\n$ faraday-cli host list\n ID IP OS HOSTNAMES SERVICES VULNS\n---- ----------- ------- --------------- ---------- -------\n 574 127.0.0.1 unknown 1 3\n 566 127.0.0.10 unknown 1 3\n 569 127.0.0.11 unknown 1 3\n 568 127.0.0.12 unknown 1 3\n 570 127.0.0.13 unknown 1 3\n 576 127.0.0.2 unknown 1 3\n 565 127.0.0.3 unknown 1 3\n 572 127.0.0.4 unknown 1 3\n 573 127.0.0.5 unknown 1 3\n 567 127.0.0.6 unknown 1 3\n 571 127.0.0.7 unknown 1 3\n 564 127.0.0.8 unknown 1 3\n 575 127.0.0.9 unknown 1 3\n 590 58.76.184.4 unknown www.googlec.com 0 -\n```\n\n### Get host\n\n```shell script\n$ faraday-cli host get 574\n\n$ faraday-cli host get 574\nHost:\n ID IP OS HOSTNAMES OWNER OWNED VULNS\n---- --------- ------- ----------- ------- ------- -------\n 574 127.0.0.1 unknown faraday False 3\n\nServices:\n ID NAME DESCRIPTION PROTOCOL PORT VERSION STATUS VULNS\n---- ------ ------------- ---------- ------ --------- -------- -------\n2638 ssh tcp 22 unknown open 2\n\nVulnerabilities:\n ID NAME SEVERITY STATUS CONFIRMED TOOL\n----- ---------------------------------------- ---------- -------- ----------- -------\n13509 SSH Weak Encryption Algorithms Supported MED opened False Openvas\n13510 SSH Weak MAC Algorithms Supported LOW opened False Openvas\n13511 TCP timestamps LOW opened False Openvas\n```\n\n### Create hosts\n\n```shell script\n$ faraday-cli host create -d \\''[{\"ip\": \"stan.local\", \"description\": \"some server\"}]'\\'\n```\n\nOr pipe it\n```shell script\n$ echo '[{\"ip\": \"1.1.1.5\", \"description\": \"some text\"}]' | faraday-cli host create --stdin\n\n```\n**The escaping of the single quotes (\\\\') is only needed when using it as a command.\nIn the shell or using pipes it not necessary**\n\n\n### Import vulnerabilities from tool report\n\n```shell script\n$ faraday-cli tool report \"/path/to/report.xml\"\n```\n\n\n### Import vulnerabilities from command\n\n```shell script\n$ faraday-cli ping -c 1 www.google.com\n```\n\n\n### List agents\n\n```shell script\n$ faraday-cli agent list\n id name active status executors\n---- -------- -------- -------- -----------\n 8 internal True online nmap\n```\n\n### Run executor\n\n```shell script\n$ faraday-cli agent run -a 1 -e nmap -p \\''{\"target\": \"www.google.com\"}'\\'\nRun executor: internal/nmap [{'successful': True}]\n```\n\n\n\n## Use it like a shell\n\nFaraday-cli can be used as a shell and have all the same commands you have as a cli\n\n\n\n## Use cases\n\n### Continuous scan your assets with faraday\n\nFor example run nmap for all the hosts in faraday that listen on the 443 port and import the results back to faraday\n```shell\n$ faraday-cli host list --port 443 -ip | nmap -iL - -oX /tmp/nmap.xml && faraday-cli process_report /tmp/nmap.xml\n```\n\n### Scan your subdomains\n\nUse a tool like assetfinder to do a domains lookup, scan them with nmap and send de results to faraday\n\n```shell\n$ assetfinder -subs-only example.com| sort | uniq |awk 'BEGIN { ORS = \"\"; print \" {\\\"target\\\":\\\"\"}\n{ printf \"%s%s\", separator, $1, $2\nseparator = \",\"}END { print \"\\\"}\" }' | faraday-cli agent run -a 1 -e nmap --stdin\n```\n\n\n[doc]: https://docs.faraday-cli.faradaysec.com\n\n\n2.1.11 [Feb 26th, 2024]:\n---\n * [FIX] Fix workspace activation. #87\n\n2.1.10 [Apr 5th, 2023]:\n---\n * [MOD] Change resolve_hostname to false for default, add the --resolve-hostname flag for host create and add --force flag to tool run to process the output of the command regardless of the return code. #79\n\n2.1.9 [Dec 15th, 2022]:\n---\n * [ADD] Add vuln delete vuln-id.\n\n\n2.1.8 [OCt 27th, 2022]:\n---\n * [ADD] New method to update existing vuln.\n\n2.1.7 [Sep 13th, 2022]:\n---\n * Add personal status.\n * Replace the apply_tag function with plugins parameters.\n * Update agents docs.\n\n2.1.6 [Jul 26th, 2022]:\n---\n * Remove workspace from get/list agent and add it to run agent.\n\n2.1.5 [Jun 10th, 2022]:\n---\n * Now shell mode doesn't exit if it has faraday's url and token but the server is down.\n * Support multiple tags on import and run.\n * Update gifs of readme.\n\n2.1.4 [May 23th, 2022]:\n---\n * Check if token is valid on start in shell mode.\n\n2.1.3 [May 20th, 2022]:\n---\n * Now is possible to doesn't resolve hostname by changing resolve_hostname parameter.\n * Fix the colors in Severity Stats.\n\n2.1.2 [Jan 11th, 2022]:\n---\n * Update Documentation.\n\n2.1.1 [Dec 13th, 2021]:\n---\n * ADD setting to enable/disable auto command detection.\n * Fix error message when a command dont generate valid output.\n * FIX tables visualization when host has to many hostnames.\n * Show if update is available.\n\n2.1.0 [Nov 19th, 2021]:\n---\n * Add fields to executive reports generation command.\n * Add KAKER_MODE easter egg.\n * Update plugins requirements to 1.5.6\n\n2.0.2 [Aug 9th, 2021]:\n---\n * add --create-workspace parameter for tool command\n * Ask for executive report template if not provided\n * Add for executor parameters if not provided\n * [FIX] Bug using an invalid executor name\n * Update readme to fix some examples\n\n2.0.1 [Jun 29th, 2021]:\n---\n * [FIX] Show help if no subcommand is provided\n\n2.0.0 [Jun 29th, 2021]:\n---\n * [MOD] Change commands to verbs\n * Enable and disable Workspaces\n * Fix to use cmd2 2.0 and update requirements\n * Show message if license is expired\n * [MOD] Change to V3 api of faraday\n * Add command to upload evidence to vuln\n\n1.1.1 [Jun 9th, 2021]:\n---\n * Fix to use cmd2 2.0 and update requirements\n * Show message if license is expired\n * [MOD] Change to V3 api of faraday\n\n1.1.0 [Apr 16th, 2021]:\n---\n * Add new command to process a tool execution\n * Add command to list vulnerabilities\n * Add versions to dependencies\n * Add setting to ignore INFO vulns\n * Show only active workspaces by default unless you use the --show-inactive parameter\n * [MOD] Add support for tags\n * Update faraday_plugins version dependency\n * Fix create_hosts docs typo\n * Show user in status\n * [MOD] Update faraday-plugins\n\n1.0.2 [Feb 17th, 2021]:\n---\n * ADD documentation (made with mkdocs)\n * MOD Convert some command and help to plural\n * FIX Exit shell in case of invalid authorization result\n * FIX faraday 3.14.1 updated security lib, and make login bugged\n\n1.0.1 [Jan 4th, 2021]:\n---\n * Fix error in list_host command\n\n1.0.0 [Dec 28th, 2020]:\n---\n * Add List Services command\n * Change the import command/report message\n * Add support for executive reports\n * Show in status if token is valid\n\n0.1.0 [Aug 28th, 2020]:\n---\n * First version released, use with caution as it is still beta phase.\n * Access a faraday server from your CLI, your CI o any other bash interpreter.\n\n",
"bugtrack_url": null,
"license": "GNU General Public License v3",
"summary": "Faraday cli package",
"version": "2.1.11",
"project_urls": {
"Homepage": "https://github.com/infobyte/faraday-cli"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "4c04363d4e9abd66c0d1e44085c720a3efb595cd4c257706d2fab3e3e54abb24",
"md5": "19ede0041abc6afb1ddd92470a9393ce",
"sha256": "27c5b29088bdb0b2519db2377b9ff56856ac641e10c14d5e855678526443d8ad"
},
"downloads": -1,
"filename": "faraday_cli-2.1.11-py3-none-any.whl",
"has_sig": false,
"md5_digest": "19ede0041abc6afb1ddd92470a9393ce",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">3.7.0",
"size": 62284,
"upload_time": "2024-02-26T16:42:58",
"upload_time_iso_8601": "2024-02-26T16:42:58.940506Z",
"url": "https://files.pythonhosted.org/packages/4c/04/363d4e9abd66c0d1e44085c720a3efb595cd4c257706d2fab3e3e54abb24/faraday_cli-2.1.11-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "bdf037d0fe4eb4ba02553ee8b30eff88af292f0c9559b455d09d5ed2786a8716",
"md5": "681e043b7dce18fc8cbf8bafc6a2b695",
"sha256": "ca0fd6e7e569a5e64de4fc988078f14381d4b8e1fa4b6e0600f4120ab1e2227f"
},
"downloads": -1,
"filename": "faraday-cli-2.1.11.tar.gz",
"has_sig": false,
"md5_digest": "681e043b7dce18fc8cbf8bafc6a2b695",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">3.7.0",
"size": 54255,
"upload_time": "2024-02-26T16:43:01",
"upload_time_iso_8601": "2024-02-26T16:43:01.701496Z",
"url": "https://files.pythonhosted.org/packages/bd/f0/37d0fe4eb4ba02553ee8b30eff88af292f0c9559b455d09d5ed2786a8716/faraday-cli-2.1.11.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-02-26 16:43:01",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "infobyte",
"github_project": "faraday-cli",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [],
"lcname": "faraday-cli"
}
JSON
