Faraday Application Architecture Documentation¶

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% graph TD subgraph "Frontend" UI[Web UI] end subgraph "Backend Services" FS[Faraday Server] WS[WebSocket Service] CW[Celery Workers] CB[Celery Broker] end subgraph "Data Storage" PG[(PostgreSQL Database)] end UI -->|HTTP/REST API| FS UI -->|WebSocket| WS FS -->|Tasks| CB CB -->|Tasks| CW CW -->|Results| FS FS -->|Store/Retrieve Data| PG FS -->|Notifications| WS WS -->|Real-time Updates| UI

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% graph LR subgraph "Message Queues" VQ[Vulnerability Queue] RQ[Reports Queue] WQ[WebSocket Queue] end subgraph "Producers" FS[Faraday Server] end subgraph "Consumers" VW[Vulnerability Worker] RW[Reports Worker] WS[WebSocket Service] end FS -->|Vulnerability Tasks| VQ FS -->|Report Generation Tasks| RQ FS -->|Notifications| WQ VQ -->|Process| VW RQ -->|Process| RW WQ -->|Broadcast| WS

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% sequenceDiagram participant Client as Client Browser participant FS as Faraday Server participant CB as Celery Broker participant CW as Celery Workers participant WS as WebSocket Service participant DB as PostgreSQL Database Client->>FS: HTTP Request FS->>DB: Query/Update Data FS->>CB: Enqueue Task CB->>CW: Process Task CW->>DB: Store Results CW->>FS: Task Completed FS->>WS: Send Notification WS->>Client: Real-time Update

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% sequenceDiagram participant Client as Client Browser participant FS as Faraday Server participant VQ as Vulnerability Queue participant VW as Vulnerability Worker participant DB as PostgreSQL Database participant WS as WebSocket Service Client->>FS: Create Vulnerability Request FS->>DB: Validate Request FS->>VQ: Enqueue Vulnerability Creation Task VQ->>VW: Process Vulnerability Creation VW->>DB: Store Vulnerability Data VW->>FS: Notify Task Completion FS->>WS: Send Notification WS->>Client: Update UI with New Vulnerability

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% sequenceDiagram participant Client as Client Browser participant FS as Faraday Server participant DB as PostgreSQL Database participant WS as WebSocket Service Client->>FS: Delete Vulnerability Request FS->>DB: Check Permissions FS->>DB: Mark Vulnerability as Deleted FS->>WS: Send Deletion Notification WS->>Client: Update UI (Remove Vulnerability)

%%{init: {'theme': 'forest', "flowchart" : { "curve" : "basis" } } }%% sequenceDiagram participant Client as Client Browser participant FS as Faraday Server participant RQ as Reports Queue participant RW as Reports Worker participant DB as PostgreSQL Database participant WS as WebSocket Service Client->>FS: Request Executive Report FS->>RQ: Enqueue Report Generation Task RQ->>RW: Process Report Generation RW->>DB: Query Vulnerability Data RW->>FS: Store Generated Report FS->>WS: Send Report Ready Notification WS->>Client: Update UI with Report Link

classDiagram %% Core Entities Workspace "1" -- "*" Host : contains Workspace "1" -- "*" Vulnerability : contains Workspace "1" -- "*" Service : contains Host "1" -- "*" Service : has Host "1" -- "*" Vulnerability : has Service "1" -- "*" Vulnerability : has Vulnerability <|-- VulnerabilityWeb : extends Vulnerability <|-- VulnerabilityCode : extends %% User and Permissions User "*" -- "*" Workspace : has access to User "1" -- "*" Command : executes User "1" -- "*" Comment : creates %% Metadata and References Vulnerability "*" -- "*" Reference : has Vulnerability "*" -- "*" CVE : associated with Vulnerability "*" -- "*" Tag : tagged with Host "*" -- "*" Tag : tagged with Service "*" -- "*" Tag : tagged with %% Agents and Commands Agent "1" -- "*" AgentExecution : runs Command "1" -- "*" CommandObject : creates %% Enrichment EnrichmentCve "*" -- "*" EnrichmentCwe : associated with EnrichmentOwasp "*" -- "*" EnrichmentCwe : contains %% Class definitions class Workspace { +int id +string name +string description +bool active +bool readonly +datetime create_date +datetime update_date } class Host { +int id +int workspace_id +string name +string os +string ip +string description +string owned +string creator +datetime create_date +datetime update_date } class Service { +int id +int host_id +string name +string description +int port +string protocol +string status +string version +datetime create_date +datetime update_date } class Vulnerability { +int id +int workspace_id +int host_id +int service_id +string name +string description +string severity +string status +string resolution +string cvss2_vector_string +string cvss3_vector_string +string cvss4_vector_string +float cvss2_base_score +float cvss3_base_score +float cvss4_base_score +bool confirmed +datetime create_date +datetime update_date } class VulnerabilityWeb { +string website +string path +string method +string parameter_name +string request +string response } class VulnerabilityCode { +int source_code_id +string file_name +int line_number +string function_name } class User { +int id +string username +string password +string email +bool active +bool is_ldap +datetime create_date +datetime update_date } class Command { +int id +int workspace_id +string command +string tool +string params +string user +datetime create_date +datetime update_date } class Agent { +int id +int workspace_id +string name +string active +datetime create_date +datetime update_date } class Tag { +int id +string name +string slug } class Reference { +int id +string name +string url } class CVE { +int id +string name } class EnrichmentCve { +int id +string name +string description +string cvss2_vector_string +string cvss3_vector_string +string cvss4_vector_string +float cvss2_base_score +float cvss3_base_score +float cvss4_base_score +float epss +bool trending } class EnrichmentCwe { +int id +string name +string description +int top_position } class EnrichmentOwasp { +int id +string name +string description +date release +bool latest }