Metadata-Version: 2.1
Name: faraday-cli
Version: 2.1.8
Summary: Faraday cli package
Home-page: https://github.com/infobyte/faraday-cli
Author: Faradaysec
Author-email: devel@faradaysec.com
License: GNU General Public License v3
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Classifier: Natural Language :: English
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Requires-Python: >3.7.0
Description-Content-Type: text/markdown
Provides-Extra: dev
Provides-Extra: docs
Provides-Extra: test
License-File: LICENSE

# Faraday on the terminal
Use faraday directly from your favorite terminal

![Example](./docs/docs/images/general.gif)

faraday-cli is the official client that make automating your security workflows, easier.

## Install from pip

```
pip install faraday-cli
```

## Install from source
```shell script
git clone https://github.com/infobyte/faraday-cli.git
cd faraday-cli
pip install .
```

## Documentation

For more info you can check our [documentation][doc]


## Use it like a command

### Login

Configure auth for farday-cli

```shell script
$ faraday-cli auth
```
![Example](./docs/docs/images/auth.gif)


### Create a workspace
When you create a workspace by default is selected as active, unless you use the "-d" flag
```shell script
$ faraday-cli workspace create some_name
✔ Created workspace: some_name
```

### Select active workspace

```shell script
$ faraday-cli workspace select some_name
✔ Selected workspace: some_name
```

### List workspaces

```shell script
$ faraday-cli list_ws
NAME         HOSTS    SERVICES    VULNS  ACTIVE    PUBLIC    READONLY
---------  -------  ----------  -------  --------  --------  ----------
some_name       14          13       39  True      False     False
```

### List hosts of a workspace

```shell script
$ faraday-cli host list
  ID  IP           OS       HOSTNAMES          SERVICES  VULNS
----  -----------  -------  ---------------  ----------  -------
 574  127.0.0.1    unknown                            1  3
 566  127.0.0.10   unknown                            1  3
 569  127.0.0.11   unknown                            1  3
 568  127.0.0.12   unknown                            1  3
 570  127.0.0.13   unknown                            1  3
 576  127.0.0.2    unknown                            1  3
 565  127.0.0.3    unknown                            1  3
 572  127.0.0.4    unknown                            1  3
 573  127.0.0.5    unknown                            1  3
 567  127.0.0.6    unknown                            1  3
 571  127.0.0.7    unknown                            1  3
 564  127.0.0.8    unknown                            1  3
 575  127.0.0.9    unknown                            1  3
 590  58.76.184.4  unknown  www.googlec.com           0  -
```

### Get host

```shell script
$ faraday-cli host get 574

$ faraday-cli host get 574
Host:
  ID  IP         OS       HOSTNAMES    OWNER    OWNED      VULNS
----  ---------  -------  -----------  -------  -------  -------
 574  127.0.0.1  unknown               faraday  False          3

Services:
  ID  NAME    DESCRIPTION    PROTOCOL      PORT  VERSION    STATUS      VULNS
----  ------  -------------  ----------  ------  ---------  --------  -------
2638  ssh                    tcp             22  unknown    open            2

Vulnerabilities:
   ID  NAME                                      SEVERITY    STATUS    CONFIRMED    TOOL
-----  ----------------------------------------  ----------  --------  -----------  -------
13509  SSH Weak Encryption Algorithms Supported  MED         opened    False        Openvas
13510  SSH Weak MAC Algorithms Supported         LOW         opened    False        Openvas
13511  TCP timestamps                            LOW         opened    False        Openvas
```

### Create hosts

```shell script
$ faraday-cli host create -d \''[{"ip": "stan.local", "description": "some server"}]'\'
```

Or pipe it
```shell script
$ echo '[{"ip": "1.1.1.5", "description": "some text"}]' | faraday-cli host create --stdin

```
**The escaping of the single quotes (\\') is only needed when using it as a command.
In the shell or using pipes it not necessary**


### Import vulnerabilities from tool report

```shell script
$ faraday-cli tool report "/path/to/report.xml"
```
![Example](./docs/docs/images/process_report.gif)

### Import vulnerabilities from command

```shell script
$ faraday-cli ping -c 1 www.google.com
```
![Example](./docs/docs/images/command.gif)

### List agents

```shell script
$ faraday-cli agent list
  id  name      active    status    executors
----  --------  --------  --------  -----------
   8  internal  True      online    nmap
```

### Run executor

```shell script
$ faraday-cli agent run -a 1 -e nmap -p \''{"target": "www.google.com"}'\'
Run executor: internal/nmap [{'successful': True}]
```



## Use it like a shell

Faraday-cli can be used as a shell and have all the same commands you have as a cli

![Example](./docs/docs/images/shell.gif)

## Use cases

### Continuous scan your assets with faraday

For example run nmap for all the hosts in faraday that listen on the 443 port and import the results back to faraday
```shell
$ faraday-cli host list --port 443 -ip | nmap -iL - -oX /tmp/nmap.xml  && faraday-cli process_report /tmp/nmap.xml
```

### Scan your subdomains

Use a tool like assetfinder to do a domains lookup, scan them with nmap and send de results to faraday

```shell
$ assetfinder -subs-only example.com| sort | uniq |awk 'BEGIN { ORS = ""; print " {\"target\":\""}
{ printf "%s%s", separator, $1, $2
separator = ","}END { print "\"}" }' | faraday-cli  agent run  -a 1 -e nmap --stdin
```


[doc]: https://docs.faraday-cli.faradaysec.com


2.1.8 [OCt 27th, 2022]:
---
 * [Add] New method to update existing vuln

2.1.7 [Sep 13th, 2022]:
---
 * Add personal status
 * Replace the apply_tag function with plugins parameters
 * Update agents docs

2.1.6 [Jul 26th, 2022]:
---
 * Remove workspace from get/list agent and add it to run agent

2.1.5 [Jun 10th, 2022]:
---
 * Now shell mode doesnt exit if it has faraday's url and token but the server is down
 * Support multiple tags on import and run
 * Update gifs of readme

2.1.4 [May 23th, 2022]:
---
 * Check if token is valid on start in shell mode

2.1.3 [May 20th, 2022]:
---
 * Now is possible to doesn't resolve hostname by changing resolve_hostname parameter
 * Fix the colors in Severity Stats

2.1.2 [Jan 11th, 2022]:
---
 * Update Documentation

2.1.1 [Dec 13th, 2021]:
---
 * ADD setting to enable/disable auto command detection
 * Fix error message when a command dont generate valid output
 * FIX tables visualization when host has to many hostnames
 * Show if update is available

2.1.0 [Nov 19th, 2021]:
---
 * Add fields to executive reports generation command
 * Add KAKER_MODE easter egg
 * update plugins requirements to 1.5.6

2.0.2 [Aug 9th, 2021]:
---
 * add --create-workspace parameter for tool command
 * Ask for executive report template if not provided
 * Add for executor parameters if not provided
 * [FIX] Bug using an invalid executor name
 * Update readme to fix some examples

2.0.1 [Jun 29th, 2021]:
---
 * [FIX] Show help if no subcommand is provided

2.0.0 [Jun 29th, 2021]:
---
 * [MOD] Change commands to verbs
 * Enable and disable Workspaces
 * Fix to use cmd2 2.0 and update requirements
 * Show message if license is expired
 * [MOD] Change to V3 api of faraday
 * Add command to upload evidence to vuln

1.1.1 [Jun 9th, 2021]:
---
 * Fix to use cmd2 2.0 and update requirements
 * Show message if license is expired
 * [MOD] Change to V3 api of faraday

1.1.0 [Apr 16th, 2021]:
---
 * Add new command to process a tool execution
 * Add command to list vulnerabilities
 * Add versions to dependencies
 * Add setting to ignore INFO vulns
 * Show only active workspaces by default unless you use the --show-inactive parameter
 * [MOD] Add support for tags
 * Update faraday_plugins version dependency
 * Fix create_hosts docs typo
 * Show user in status
 * [MOD] Update faraday-plugins

1.0.2 [Feb 17th, 2021]:
---
 * ADD documentation (made with mkdocs)
 * MOD Convert some command and help to plural
 * FIX Exit shell in case of invalid authorization result
 * FIX faraday 3.14.1 updated security lib, and make login bugged

1.0.1 [Jan 4th, 2021]:
---
 * Fix error in list_host command

1.0.0 [Dec 28th, 2020]:
---
 * Add List Services command
 * Change the import command/report message
 * Add support for executive reports
 * Show in status if token is valid

0.1.0 [Aug 28th, 2020]:
---
 * First version released, use with caution as it is still beta phase.
 * Access a faraday server from your CLI, your CI o any other bash interpreter.
