Faraday CLI
Faraday CLI provides a command-line interface to the Faraday collaborative penetration testing platform. It allows you to interact with Faraday servers, import scan results from various tools, manage workspaces, and track vulnerabilities without using the web UI.
Installation
Section intitulée « Installation »Install Faraday CLI using pip:
pip install faraday-cliVerify installation:
faraday-cli versionUpgrade to the latest version:
pip install --upgrade faraday-cliInitial Configuration
Section intitulée « Initial Configuration »Set up your Faraday server connection with authentication credentials:
faraday-cli configInteractive configuration prompts:
| Prompt | Description |
|---|---|
| Server URL | https://faraday.example.com |
| API Token | API key from Faraday user settings |
| Workspace | Default workspace name |
| Ignore SSL errors | true or false for self-signed certificates |
View current configuration:
faraday-cli config listUpdate specific configuration:
faraday-cli config set server_url https://faraday.example.com
faraday-cli config set api_token your_api_token_here
faraday-cli config set workspace default_workspaceReset configuration to defaults:
faraday-cli config resetWorkspace Management
Section intitulée « Workspace Management »List all available workspaces:
faraday-cli workspace listCreate a new workspace:
faraday-cli workspace create --name "Project Alpha"Delete a workspace:
faraday-cli workspace delete --name "Project Alpha"Set default workspace:
faraday-cli config set workspace "Project Alpha"Switch workspace for single command:
faraday-cli --workspace "Project Beta" host listGet workspace information:
faraday-cli workspace info --name "Project Alpha"Importing Scan Results
Section intitulée « Importing Scan Results »Import results from various security scanning tools:
faraday-cli scan create --file nmap_results.xml
faraday-cli scan create --file nessus_export.nessus
faraday-cli scan create --file burp_results.xml
faraday-cli scan create --file qualys_results.xmlSpecify tool type explicitly:
faraday-cli scan create --file results.xml --tool nmap
faraday-cli scan create --file results.xml --tool nessus
faraday-cli scan create --file results.xml --tool burpsuiteSupported scan tools and formats:
| Tool | File Format | Command |
|---|---|---|
| Nmap | XML | faraday-cli scan create --file nmap.xml --tool nmap |
| Nessus | .nessus | faraday-cli scan create --file nessus.nessus --tool nessus |
| Burp Suite | XML | faraday-cli scan create --file burp.xml --tool burpsuite |
| Qualys | XML | faraday-cli scan create --file qualys.xml --tool qualys |
| OpenVAS | XML | faraday-cli scan create --file openvas.xml --tool openvas |
| Acunetix | XML | faraday-cli scan create --file acunetix.xml --tool acunetix |
| OWASP ZAP | XML | faraday-cli scan create --file zap.xml --tool zaproxy |
Import with metadata:
faraday-cli scan create --file results.xml --agent "Agent Name" --command "nmap -sV 192.168.1.0/24"Bulk import from directory:
faraday-cli scan create --file /path/to/scans/*.xmlList all imported scans:
faraday-cli scan listView specific scan details:
faraday-cli scan info --scan-id 12345Host Management
Section intitulée « Host Management »List all hosts in workspace:
faraday-cli host listList hosts with detailed information:
faraday-cli host list --detailedFilter hosts by IP address:
faraday-cli host list --filter "ip=192.168.1.100"Filter hosts by operating system:
faraday-cli host list --filter "os=Linux"Filter hosts by name:
faraday-cli host list --filter "name=webserver"Create a new host manually:
faraday-cli host create --ip 192.168.1.100 --name "webserver"Add additional host information:
faraday-cli host create --ip 192.168.1.100 --name "webserver" --os "Linux Ubuntu 20.04" --description "Main web server"Get host details:
faraday-cli host info --ip 192.168.1.100Update host information:
faraday-cli host update --ip 192.168.1.100 --name "new_name"Delete a host:
faraday-cli host delete --ip 192.168.1.100Vulnerability Management
Section intitulée « Vulnerability Management »List all vulnerabilities in workspace:
faraday-cli vuln listList vulnerabilities with detailed output:
faraday-cli vuln list --detailedFilter by severity:
faraday-cli vuln list --filter "severity=critical"
faraday-cli vuln list --filter "severity=high"
faraday-cli vuln list --filter "severity=medium"
faraday-cli vuln list --filter "severity=low"Filter by status:
faraday-cli vuln list --filter "status=open"
faraday-cli vuln list --filter "status=closed"
faraday-cli vuln list --filter "status=in_progress"Filter by service/port:
faraday-cli vuln list --filter "service=http"
faraday-cli vuln list --filter "port=443"Filter by host:
faraday-cli vuln list --filter "host=192.168.1.100"Get vulnerability details:
faraday-cli vuln info --vuln-id 98765Update vulnerability status:
faraday-cli vuln update --vuln-id 98765 --status closed
faraday-cli vuln update --vuln-id 98765 --status in_progressCreate custom vulnerability:
faraday-cli vuln create --name "Custom Issue" --description "Description here" --severity high --host 192.168.1.100Add comment to vulnerability:
faraday-cli vuln comment --vuln-id 98765 --comment "Patching scheduled for next maintenance window"Export vulnerability list to CSV:
faraday-cli vuln list --output csv > vulnerabilities.csvExport to JSON:
faraday-cli vuln list --output json > vulnerabilities.jsonService Discovery
Section intitulée « Service Discovery »List services discovered on hosts:
faraday-cli service listList services on specific host:
faraday-cli service list --filter "host=192.168.1.100"Filter by service type:
faraday-cli service list --filter "service=http"
faraday-cli service list --filter "service=ssh"
faraday-cli service list --filter "service=smb"Get service details:
faraday-cli service info --service-id 12345Reporting and Export
Section intitulée « Reporting and Export »Generate executive summary report:
faraday-cli report generate --type executive_summary --output report.pdfGenerate detailed technical report:
faraday-cli report generate --type technical --output report.pdfExport workspace data to JSON:
faraday-cli workspace export --format json --output export.jsonExport to CSV:
faraday-cli workspace export --format csv --output export.csvGenerate statistics:
faraday-cli workspace statsView vulnerability statistics:
faraday-cli stats --type vulnerabilityView host statistics:
faraday-cli stats --type hostAdvanced Operations
Section intitulée « Advanced Operations »Import with agent assignment:
faraday-cli scan create --file results.xml --agent "Nmap Agent 01"Use custom tool parsing:
faraday-cli scan create --file custom_output.txt --tool custom_tool --parser custom_parserRun command and auto-import results:
nmap -sV 192.168.1.0/24 -oX results.xml && faraday-cli scan create --file results.xmlAutomated import with retry:
faraday-cli scan create --file results.xml --retry 3 --retry-delay 5Import with source tracking:
faraday-cli scan create --file results.xml --source "Penetration Test Q2 2026"Set scan metadata:
faraday-cli scan create --file results.xml --tags "network,external,high-risk"Import with scheduled scan:
faraday-cli scan create --file results.xml --evidence "Evidence of testing performed" --request "Authorized by IT Manager"Filtering and Querying
Section intitulée « Filtering and Querying »Common filter operators:
| Operator | Description | Example |
|---|---|---|
= | Exact match | severity=critical |
!= | Not equal | status!=closed |
> | Greater than | cvss_score>7.5 |
< | Less than | cvss_score<5.0 |
contains | Substring match | name contains "SQLi" |
in | Multiple values | severity in (critical,high) |
Chain multiple filters:
faraday-cli vuln list --filter "severity=high" --filter "status=open" --filter "host=192.168.1.100"Output Formatting
Section intitulée « Output Formatting »Output as table (default):
faraday-cli host listOutput as JSON:
faraday-cli host list --output jsonOutput as CSV:
faraday-cli host list --output csvOutput with specific columns:
faraday-cli vuln list --columns "id,name,severity,status"Pretty print JSON:
faraday-cli host list --output json | python -m json.toolPipe to grep for searching:
faraday-cli vuln list | grep -i "sql injection"Error Handling
Section intitulée « Error Handling »Connection timeout issues:
faraday-cli --timeout 30 workspace listDebug mode with verbose output:
faraday-cli --debug host listCheck server connectivity:
faraday-cli health checkVerify API token:
faraday-cli auth verifyAuthentication
Section intitulée « Authentication »Provide API token via command line:
faraday-cli --api-token YOUR_TOKEN workspace listProvide server URL via command line:
faraday-cli --server https://faraday.example.com workspace listUse environment variables:
export FARADAY_URL="https://faraday.example.com"
export FARADAY_TOKEN="your_api_token"
export FARADAY_WORKSPACE="default"
faraday-cli host listBatch Operations
Section intitulée « Batch Operations »Process multiple files in sequence:
for file in /path/to/scans/*.xml; do
faraday-cli scan create --file "$file"
doneImport and generate report:
faraday-cli scan create --file results.xml && \
faraday-cli report generate --type executive_summary --output report.pdfCreate hosts from CSV:
while IFS=, read ip name os; do
faraday-cli host create --ip "$ip" --name "$name" --os "$os"
done < hosts.csvUseful Aliases
Section intitulée « Useful Aliases »Create shell aliases for common commands:
alias fwl='faraday-cli'
alias fh='faraday-cli host'
alias fv='faraday-cli vuln'
alias fs='faraday-cli scan'
alias fw='faraday-cli workspace'Add to .bashrc or .zshrc for persistence.
Common Workflows
Section intitulée « Common Workflows »Workflow 1: Import and Review New Scan
faraday-cli scan create --file nmap_results.xml
faraday-cli vuln list --filter "status=open" --filter "severity=high"
faraday-cli report generate --type executive_summary --output report.pdfWorkflow 2: Continuous Monitoring
# Run weekly scans
0 0 * * 1 nmap -sV 192.168.1.0/24 -oX /tmp/scan.xml && \
faraday-cli scan create --file /tmp/scan.xmlWorkflow 3: Track Remediation
faraday-cli vuln list --filter "severity=critical"
faraday-cli vuln update --vuln-id 98765 --status in_progress
faraday-cli vuln comment --vuln-id 98765 --comment "Patch deployed 2026-05-02"
faraday-cli vuln update --vuln-id 98765 --status closedWorkflow 4: Multi-Workspace Management
for workspace in "Project A" "Project B" "Project C"; do
faraday-cli --workspace "$workspace" workspace stats
done