Faraday CLI

Faraday CLI provides a command-line interface to the Faraday collaborative penetration testing platform. It allows you to interact with Faraday servers, import scan results from various tools, manage workspaces, and track vulnerabilities without using the web UI.

Installation

Install Faraday CLI using pip:

pip install faraday-cli

Verify installation:

faraday-cli version

Upgrade to the latest version:

pip install --upgrade faraday-cli

Initial Configuration

Set up your Faraday server connection with authentication credentials:

faraday-cli config

Interactive configuration prompts:

Prompt	Description
Server URL	`https://faraday.example.com`
API Token	API key from Faraday user settings
Workspace	Default workspace name
Ignore SSL errors	`true` or `false` for self-signed certificates

View current configuration:

faraday-cli config list

Update specific configuration:

faraday-cli config set server_url https://faraday.example.com
faraday-cli config set api_token your_api_token_here
faraday-cli config set workspace default_workspace

Reset configuration to defaults:

faraday-cli config reset

Workspace Management

List all available workspaces:

faraday-cli workspace list

Create a new workspace:

faraday-cli workspace create --name "Project Alpha"

Delete a workspace:

faraday-cli workspace delete --name "Project Alpha"

Set default workspace:

faraday-cli config set workspace "Project Alpha"

Switch workspace for single command:

faraday-cli --workspace "Project Beta" host list

Get workspace information:

faraday-cli workspace info --name "Project Alpha"

Importing Scan Results

Import results from various security scanning tools:

faraday-cli scan create --file nmap_results.xml
faraday-cli scan create --file nessus_export.nessus
faraday-cli scan create --file burp_results.xml
faraday-cli scan create --file qualys_results.xml

Specify tool type explicitly:

faraday-cli scan create --file results.xml --tool nmap
faraday-cli scan create --file results.xml --tool nessus
faraday-cli scan create --file results.xml --tool burpsuite

Supported scan tools and formats:

Tool	File Format	Command
Nmap	XML	`faraday-cli scan create --file nmap.xml --tool nmap`
Nessus	.nessus	`faraday-cli scan create --file nessus.nessus --tool nessus`
Burp Suite	XML	`faraday-cli scan create --file burp.xml --tool burpsuite`
Qualys	XML	`faraday-cli scan create --file qualys.xml --tool qualys`
OpenVAS	XML	`faraday-cli scan create --file openvas.xml --tool openvas`
Acunetix	XML	`faraday-cli scan create --file acunetix.xml --tool acunetix`
OWASP ZAP	XML	`faraday-cli scan create --file zap.xml --tool zaproxy`

Import with metadata:

faraday-cli scan create --file results.xml --agent "Agent Name" --command "nmap -sV 192.168.1.0/24"

Bulk import from directory:

faraday-cli scan create --file /path/to/scans/*.xml

List all imported scans:

faraday-cli scan list

View specific scan details:

faraday-cli scan info --scan-id 12345

Host Management

List all hosts in workspace:

faraday-cli host list

List hosts with detailed information:

faraday-cli host list --detailed

Filter hosts by IP address:

faraday-cli host list --filter "ip=192.168.1.100"

Filter hosts by operating system:

faraday-cli host list --filter "os=Linux"

Filter hosts by name:

faraday-cli host list --filter "name=webserver"

Create a new host manually:

faraday-cli host create --ip 192.168.1.100 --name "webserver"

Add additional host information:

faraday-cli host create --ip 192.168.1.100 --name "webserver" --os "Linux Ubuntu 20.04" --description "Main web server"

Get host details:

faraday-cli host info --ip 192.168.1.100

Update host information:

faraday-cli host update --ip 192.168.1.100 --name "new_name"

Delete a host:

faraday-cli host delete --ip 192.168.1.100

Vulnerability Management

List all vulnerabilities in workspace:

faraday-cli vuln list

List vulnerabilities with detailed output:

faraday-cli vuln list --detailed

Filter by severity:

faraday-cli vuln list --filter "severity=critical"
faraday-cli vuln list --filter "severity=high"
faraday-cli vuln list --filter "severity=medium"
faraday-cli vuln list --filter "severity=low"

Filter by status:

faraday-cli vuln list --filter "status=open"
faraday-cli vuln list --filter "status=closed"
faraday-cli vuln list --filter "status=in_progress"

Filter by service/port:

faraday-cli vuln list --filter "service=http"
faraday-cli vuln list --filter "port=443"

Filter by host:

faraday-cli vuln list --filter "host=192.168.1.100"

Get vulnerability details:

faraday-cli vuln info --vuln-id 98765

Update vulnerability status:

faraday-cli vuln update --vuln-id 98765 --status closed
faraday-cli vuln update --vuln-id 98765 --status in_progress

Create custom vulnerability:

faraday-cli vuln create --name "Custom Issue" --description "Description here" --severity high --host 192.168.1.100

Add comment to vulnerability:

faraday-cli vuln comment --vuln-id 98765 --comment "Patching scheduled for next maintenance window"

Export vulnerability list to CSV:

faraday-cli vuln list --output csv > vulnerabilities.csv

Export to JSON:

faraday-cli vuln list --output json > vulnerabilities.json

Service Discovery

List services discovered on hosts:

faraday-cli service list

List services on specific host:

faraday-cli service list --filter "host=192.168.1.100"

Filter by service type:

faraday-cli service list --filter "service=http"
faraday-cli service list --filter "service=ssh"
faraday-cli service list --filter "service=smb"

Get service details:

faraday-cli service info --service-id 12345

Reporting and Export

Generate executive summary report:

faraday-cli report generate --type executive_summary --output report.pdf

Generate detailed technical report:

faraday-cli report generate --type technical --output report.pdf

Export workspace data to JSON:

faraday-cli workspace export --format json --output export.json

Export to CSV:

faraday-cli workspace export --format csv --output export.csv

Generate statistics:

faraday-cli workspace stats

View vulnerability statistics:

faraday-cli stats --type vulnerability

View host statistics:

faraday-cli stats --type host

Advanced Operations

Import with agent assignment:

faraday-cli scan create --file results.xml --agent "Nmap Agent 01"

Use custom tool parsing:

faraday-cli scan create --file custom_output.txt --tool custom_tool --parser custom_parser

Run command and auto-import results:

nmap -sV 192.168.1.0/24 -oX results.xml && faraday-cli scan create --file results.xml

Automated import with retry:

faraday-cli scan create --file results.xml --retry 3 --retry-delay 5

Import with source tracking:

faraday-cli scan create --file results.xml --source "Penetration Test Q2 2026"

Set scan metadata:

faraday-cli scan create --file results.xml --tags "network,external,high-risk"

Import with scheduled scan:

faraday-cli scan create --file results.xml --evidence "Evidence of testing performed" --request "Authorized by IT Manager"

Filtering and Querying

Common filter operators:

Operator	Description	Example
`=`	Exact match	`severity=critical`
`!=`	Not equal	`status!=closed`
`>`	Greater than	`cvss_score>7.5`
`<`	Less than	`cvss_score<5.0`
`contains`	Substring match	`name contains "SQLi"`
`in`	Multiple values	`severity in (critical,high)`

Chain multiple filters:

faraday-cli vuln list --filter "severity=high" --filter "status=open" --filter "host=192.168.1.100"

Output Formatting

Output as table (default):

faraday-cli host list

Output as JSON:

faraday-cli host list --output json

Output as CSV:

faraday-cli host list --output csv

Output with specific columns:

faraday-cli vuln list --columns "id,name,severity,status"

Pretty print JSON:

faraday-cli host list --output json | python -m json.tool

Pipe to grep for searching:

faraday-cli vuln list | grep -i "sql injection"

Error Handling

Connection timeout issues:

faraday-cli --timeout 30 workspace list

Debug mode with verbose output:

faraday-cli --debug host list

Check server connectivity:

faraday-cli health check

Verify API token:

faraday-cli auth verify

Authentication

Provide API token via command line:

faraday-cli --api-token YOUR_TOKEN workspace list

Provide server URL via command line:

faraday-cli --server https://faraday.example.com workspace list

Use environment variables:

export FARADAY_URL="https://faraday.example.com"
export FARADAY_TOKEN="your_api_token"
export FARADAY_WORKSPACE="default"
faraday-cli host list

Batch Operations

Process multiple files in sequence:

for file in /path/to/scans/*.xml; do
  faraday-cli scan create --file "$file"
done

Import and generate report:

faraday-cli scan create --file results.xml && \
faraday-cli report generate --type executive_summary --output report.pdf

Create hosts from CSV:

while IFS=, read ip name os; do
  faraday-cli host create --ip "$ip" --name "$name" --os "$os"
done < hosts.csv

Useful Aliases

Create shell aliases for common commands:

alias fwl='faraday-cli'
alias fh='faraday-cli host'
alias fv='faraday-cli vuln'
alias fs='faraday-cli scan'
alias fw='faraday-cli workspace'

Add to .bashrc or .zshrc for persistence.

Common Workflows

Workflow 1: Import and Review New Scan

faraday-cli scan create --file nmap_results.xml
faraday-cli vuln list --filter "status=open" --filter "severity=high"
faraday-cli report generate --type executive_summary --output report.pdf

Workflow 2: Continuous Monitoring

# Run weekly scans
0 0 * * 1 nmap -sV 192.168.1.0/24 -oX /tmp/scan.xml && \
  faraday-cli scan create --file /tmp/scan.xml

Workflow 3: Track Remediation

faraday-cli vuln list --filter "severity=critical"
faraday-cli vuln update --vuln-id 98765 --status in_progress
faraday-cli vuln comment --vuln-id 98765 --comment "Patch deployed 2026-05-02"
faraday-cli vuln update --vuln-id 98765 --status closed

Workflow 4: Multi-Workspace Management

for workspace in "Project A" "Project B" "Project C"; do
  faraday-cli --workspace "$workspace" workspace stats
done