Skip to content

KB Vulnerability Templates

Find yourself writing the same descriptions over and over again? Tired of typos coming up in your reports? Faraday provides a simple solution: unify criteria for naming vulnerabilities and save time and effort to yourself and your team.

Write vulns once and use them forever!

Faraday Server allows you to import your own CWE Vulnerabilities DB for you to use as templates. Is a simple CSV made using Open Source projects based in the CWE standard and allows you to create vulnerabilities without worrying about finding references, description, etc.

Populate your KB

Import csv file

Download our CWE example:

Navigate into Operations > KB tab in your Faraday Instance Web UI and click on the import icon:

A modal dialog will pop up asking you to choose a CSV file to upload, select it, click ok and you're done!

Adding a Template from Vuln

You can also create templates manually from a vuln. In the Web UI, select a vuln and select Create template from the dropdown menu.

You will get a list of the existing templates in your installation

Adding a Template manually

Navigate into Operations > KB tab in your Faraday Instance Web UI and click on the New button:

You will get a form to generate the template.

Usage

Creating Vuln from Template

Login to your Faraday Web UI and create or edit a vulnerability. A search field will allow you to find your templates, as shown in the picture below.

You can also duplicate vulnerabilities easily by saving them as a template and later on importing the template.

Note

Name, Description and Resolution fields are replaced with the information stored in the templates database.