Faraday Application Architecture Documentation
This document provides an overview of the Faraday application architecture. It includes the general architecture, component interactions, queue names, and flow diagrams for basic operations.
General Architecture
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
graph TD
subgraph "Frontend"
UI[Web UI]
end
subgraph "Backend Services"
FS[Faraday Server]
WS[WebSocket Service]
CW[Celery Workers]
CB[Celery Broker]
end
subgraph "Data Storage"
PG[(PostgreSQL Database)]
end
UI -->|HTTP/REST API| FS
UI -->|WebSocket| WS
FS -->|Tasks| CB
CB -->|Tasks| CW
CW -->|Results| FS
FS -->|Store/Retrieve Data| PG
FS -->|Notifications| WS
WS -->|Real-time Updates| UI
Queue Architecture
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
graph LR
subgraph "Message Queues"
VQ[Vulnerability Queue]
RQ[Reports Queue]
WQ[WebSocket Queue]
end
subgraph "Producers"
FS[Faraday Server]
end
subgraph "Consumers"
VW[Vulnerability Worker]
RW[Reports Worker]
WS[WebSocket Service]
end
FS -->|Vulnerability Tasks| VQ
FS -->|Report Generation Tasks| RQ
FS -->|Notifications| WQ
VQ -->|Process| VW
RQ -->|Process| RW
WQ -->|Broadcast| WS
Component Interactions
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
sequenceDiagram
participant Client as Client Browser
participant FS as Faraday Server
participant CB as Celery Broker
participant CW as Celery Workers
participant WS as WebSocket Service
participant DB as PostgreSQL Database
Client->>FS: HTTP Request
FS->>DB: Query/Update Data
FS->>CB: Enqueue Task
CB->>CW: Process Task
CW->>DB: Store Results
CW->>FS: Task Completed
FS->>WS: Send Notification
WS->>Client: Real-time Update
Vulnerability Creation Flow
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
sequenceDiagram
participant Client as Client Browser
participant FS as Faraday Server
participant VQ as Vulnerability Queue
participant VW as Vulnerability Worker
participant DB as PostgreSQL Database
participant WS as WebSocket Service
Client->>FS: Create Vulnerability Request
FS->>DB: Validate Request
FS->>VQ: Enqueue Vulnerability Creation Task
VQ->>VW: Process Vulnerability Creation
VW->>DB: Store Vulnerability Data
VW->>FS: Notify Task Completion
FS->>WS: Send Notification
WS->>Client: Update UI with New Vulnerability
Vulnerability Deletion Flow
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
sequenceDiagram
participant Client as Client Browser
participant FS as Faraday Server
participant DB as PostgreSQL Database
participant WS as WebSocket Service
Client->>FS: Delete Vulnerability Request
FS->>DB: Check Permissions
FS->>DB: Mark Vulnerability as Deleted
FS->>WS: Send Deletion Notification
WS->>Client: Update UI (Remove Vulnerability)
Executive Report Generation Flow
%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%%
sequenceDiagram
participant Client as Client Browser
participant FS as Faraday Server
participant RQ as Reports Queue
participant RW as Reports Worker
participant DB as PostgreSQL Database
participant WS as WebSocket Service
Client->>FS: Request Executive Report
FS->>RQ: Enqueue Report Generation Task
RQ->>RW: Process Report Generation
RW->>DB: Query Vulnerability Data
RW->>FS: Store Generated Report
FS->>WS: Send Report Ready Notification
WS->>Client: Update UI with Report Link
Technology Stack
- Frontend: Web-based UI (React.js)
- Backend: Faraday Server (Python-based)
- Message Broker: Celery with RabbitMQ/Redis
- Workers: Celery Workers for asynchronous tasks
- Real-time Communication: WebSocket service
- Database: PostgreSQL
Queue Details
- Vulnerability Queue: Handles vulnerability creation, updates, and processing tasks
- Reports Queue: Manages executive report generation tasks
- WebSocket Queue: Handles real-time notifications and updates to clients
Key Processes
- Faraday Server: Central component that processes general operations and coordinates between different services
- Celery Broker: Manages task queues for asynchronous processing
- Celery Workers: Process vulnerability creation and other background tasks
- WebSocket Service: Provides real-time updates to the frontend
This architecture enables efficient handling of vulnerability management operations, with asynchronous processing for resource-intensive tasks and real-time updates for a responsive user experience.
Faraday CLI
Faraday CLI provides a terminal interface that lets the user execute commands whose results are loaded into Faraday Server.
The CLI also allows the user to upload tool reports, create workspaces and configure the instance.
Faraday Agent
Faraday Agents automate the upload of different data to the server, for example by integrating with other applications or services, or by executing tools whose output the Faraday plugins can process. Agents can be executed on any remote computer, and their Executors can be written in any language.
Burp / Zap Addons
Faraday has Burp/Zap extensions that run inside the third-party application. These addons provide a flexible way to ingest information from other applications into Faraday Server.
Database schema
classDiagram
%% Core Entities
Workspace "1" -- "*" Host : contains
Workspace "1" -- "*" Vulnerability : contains
Workspace "1" -- "*" Service : contains
Host "1" -- "*" Service : has
Host "1" -- "*" Vulnerability : has
Service "1" -- "*" Vulnerability : has
Vulnerability <|-- VulnerabilityWeb : extends
Vulnerability <|-- VulnerabilityCode : extends
%% User and Permissions
User "*" -- "*" Workspace : has access to
User "1" -- "*" Command : executes
User "1" -- "*" Comment : creates
%% Metadata and References
Vulnerability "*" -- "*" Reference : has
Vulnerability "*" -- "*" CVE : associated with
Vulnerability "*" -- "*" Tag : tagged with
Host "*" -- "*" Tag : tagged with
Service "*" -- "*" Tag : tagged with
%% Agents and Commands
Agent "1" -- "*" AgentExecution : runs
Command "1" -- "*" CommandObject : creates
%% Enrichment
EnrichmentCve "*" -- "*" EnrichmentCwe : associated with
EnrichmentOwasp "*" -- "*" EnrichmentCwe : contains
%% Class definitions
class Workspace {
+int id
+string name
+string description
+bool active
+bool readonly
+datetime create_date
+datetime update_date
}
class Host {
+int id
+int workspace_id
+string name
+string os
+string ip
+string description
+string owned
+string creator
+datetime create_date
+datetime update_date
}
class Service {
+int id
+int host_id
+string name
+string description
+int port
+string protocol
+string status
+string version
+datetime create_date
+datetime update_date
}
class Vulnerability {
+int id
+int workspace_id
+int host_id
+int service_id
+string name
+string description
+string severity
+string status
+string resolution
+string cvss2_vector_string
+string cvss3_vector_string
+string cvss4_vector_string
+float cvss2_base_score
+float cvss3_base_score
+float cvss4_base_score
+bool confirmed
+datetime create_date
+datetime update_date
}
class VulnerabilityWeb {
+string website
+string path
+string method
+string parameter_name
+string request
+string response
}
class VulnerabilityCode {
+int source_code_id
+string file_name
+int line_number
+string function_name
}
class User {
+int id
+string username
+string password
+string email
+bool active
+bool is_ldap
+datetime create_date
+datetime update_date
}
class Command {
+int id
+int workspace_id
+string command
+string tool
+string params
+string user
+datetime create_date
+datetime update_date
}
class Agent {
+int id
+int workspace_id
+string name
+string active
+datetime create_date
+datetime update_date
}
class Tag {
+int id
+string name
+string slug
}
class Reference {
+int id
+string name
+string url
}
class CVE {
+int id
+string name
}
class EnrichmentCve {
+int id
+string name
+string description
+string cvss2_vector_string
+string cvss3_vector_string
+string cvss4_vector_string
+float cvss2_base_score
+float cvss3_base_score
+float cvss4_base_score
+float epss
+bool trending
}
class EnrichmentCwe {
+int id
+string name
+string description
+int top_position
}
class EnrichmentOwasp {
+int id
+string name
+string description
+date release
+bool latest
}
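The "Check Permissions" and "Mark Vulnerability as Deleted" steps of the deletion flow, expressed against the User-to-Workspace access relation and the Workspace `active`/`readonly` flags of the schema above. This is an added example, not Faraday's own code: the `workspace_permission` table, the `deleted` column, the notification payload and all sample rows are assumptions constructed for illustration.

```python
import sqlite3

# Constructed subset of the schema above. The workspace_permission table and
# the vulnerability.deleted column are assumptions made for this example.
SCHEMA = """
CREATE TABLE workspace (id INTEGER PRIMARY KEY, name TEXT, active INTEGER, readonly INTEGER);
CREATE TABLE user (id INTEGER PRIMARY KEY, username TEXT, active INTEGER);
CREATE TABLE workspace_permission (user_id INTEGER, workspace_id INTEGER);
CREATE TABLE vulnerability (id INTEGER PRIMARY KEY, workspace_id INTEGER,
                            name TEXT, deleted INTEGER DEFAULT 0);
"""

def delete_vulnerability(conn, user_id, vuln_id):
    """Return a notification dict on success, or None when the request is refused."""
    # "Check Permissions": a row comes back only if the user is active, is linked
    # to the vulnerability's workspace, and that workspace is active and writable.
    row = conn.execute(
        """SELECT v.id, w.name FROM vulnerability v
           JOIN workspace w ON w.id = v.workspace_id
           JOIN workspace_permission p ON p.workspace_id = w.id
           JOIN user u ON u.id = p.user_id
           WHERE v.id = ? AND u.id = ? AND u.active = 1
             AND w.active = 1 AND w.readonly = 0 AND v.deleted = 0""",
        (vuln_id, user_id)).fetchone()
    if row is None:
        # Same answer for "not found" and "not allowed": ids cannot be probed.
        return None
    with conn:  # commit on success, roll back on error
        conn.execute("UPDATE vulnerability SET deleted = 1 WHERE id = ?", (vuln_id,))
    # Hypothetical payload the server would hand to the WebSocket service.
    return {"event": "vulnerability_deleted", "workspace": row[1], "id": row[0]}

def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executescript("""
        INSERT INTO workspace VALUES (1, 'acme', 1, 0), (2, 'archive', 1, 1);
        INSERT INTO user VALUES (1, 'alice', 1), (2, 'bob', 1), (3, 'carol', 0);
        INSERT INTO workspace_permission VALUES (1, 1), (1, 2), (3, 1);
        INSERT INTO vulnerability (id, workspace_id, name)
            VALUES (10, 1, 'SQLi in login'), (20, 2, 'Old finding');
    """)
    return {
        "bob_no_access": delete_vulnerability(conn, 2, 10),
        "carol_inactive": delete_vulnerability(conn, 3, 10),
        "alice_readonly": delete_vulnerability(conn, 1, 20),
        "alice_ok": delete_vulnerability(conn, 1, 10),
        "alice_repeat": delete_vulnerability(conn, 1, 10),
    }
```

Refusals return nothing to broadcast, so the notification is only produced after the authorization check and the soft delete have both succeeded.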
Components