Technical introduction¶

Faraday is a web application, the Server is made with python using Flask and the frontend is made with AngularJS (we are moving to ReactJS). It is deployed as a standard WSGI application. Its possible to interact with the Server using Faraday CLI and you can automatize tool usage with Faraday agent.

The data is persisted within a PostgreSQL database, processed with python libraries as SQLAlchemy and Marshmallow.

The server has other main components as the Report Processor, or the Websocket Server. The latter provides information to the CLI and the Agents.

Faraday CLI¶

Faraday CLI provides an interface for interacting with a terminal that allows the user to execute commands which results will be loaded inside Faraday Server. The CLI also allows the user to upload tool reports, create workspaces and configure your instance.

Faraday Agent¶

The Faraday Agents allows to automate the upload of different data to the server, such as integration with other applications or services; or execute some tools that the Faraday plugins can process. Moreover, the Agents can be executed on any remote computer and its Executors can be written in any language.

Burp / Zap Addons¶

Faraday has Burp/Zap Extensions that run inside the third party application. Using Faraday addons provides flexibility to ingress information inside Faraday Server from other applications.

Appendix¶

Database schema¶

Faraday manage command can generate the current database schema with:

faraday-manage database-schema

• frontend
• server
• faraday_client
• faraday_agent_dispatcher
• faraday_agent_parameters_types
• api_docs
• faraday_plugins
• burp_addon
• zap_addon