KB Vulnerability Templates¶
Find yourself writing the same descriptions over and over again? Tired of typos coming up in your reports? Faraday provides a simple solution: unify criteria for naming vulnerabilities and save time and effort to yourself and your team.
Write vulns once and use them forever!
Faraday Server allows you to import your own CWE Vulnerabilities DB for you to use as templates. Is a simple CSV made using Open Source projects based in the CWE standard and allows you to create vulnerabilities without worrying about finding references, description, etc.
Populate your KB¶
Import csv file¶
Download our CWE example:
Navigate into Vulnerability > Vuln Template tab in your Faraday Instance Web UI and click on the Add Template Button:
A dropdown will appear and select Import From File.
Adding a Template from Vuln¶
You can also create templates manually from a vuln. In the Web UI, select a vuln and select Create template from the dropdown menu.
You will get a list of the existing templates in your installation
Adding a Template manually¶
Navigate into Vulenrabilty > Vuln Template tab in your Faraday Instance Web UI and click on the Add Template button:
You will get a form to generate the template.
Creating Vuln from Template¶
Click on new Vulnerability, on the name parameter Templates can be selected easily to select a Template form the name search.
You can also duplicate vulnerabilities easily by saving them as a template and later on importing the template.
Name, Description and Resolution fields are replaced with the information stored in the templates database.