Executive Report

Executive Report

Intro

No more 3AM reporting!

The Executive Report feature lets you create (as the name implies) reports using the results obtained in each workspace. When an Executive Report is created, all the data from the Status Report is automatically processed and placed in a Word compatible document that can then be downloaded

Now your Reports can show Unclassified!


Managing Executive Reports

To manage your reports you need to access Faraday's Web UI and click on the Executive Report icon:


All the reports will be listed, including their information, status and link to download.


Making a report

To create a new report, navigate to the Executive Report component and click on New. A form will open asking for the following fields:

  • Report name - name of the report file.

  • Use only confirmed vulns for this report - if this checkbox is selected , no false positives will be present in the final report.

  • Tags - when selected, vulnerabilities will be filtered by the selected tag. If more than one tag is selected, all vulns containing

  • one of those will be present in the final report.

  • Template - select the template to use as a base for your report. Depending on the selected dataset the options will change.

  • Title - this is the name that will be used to create the cover of the report.

  • Client name - client name to be used inside the report.


To edit a report, select it and click on the Edit button. A modal will appear allowing you to modify all the report fields. Save it and a brand new report will be generated, keeping the original version intact. 

If, instead, you want a new report that is exactly like an existing one but with the current data of your workspace, you can click on the Regenerate button in the reports list. Reports can only be regenerated one at a time, so the regeneration buttons are disabled while this action is being performed.


Technical Details tab:

The following are a sort of placeholder fields for information that's commonly added to most reports. They are text fields and can be used for any relevant information, not just for what they're named after:

  • Scope

  • Objectives

  • Summary

  • Conclusions

  • Recommendations


Faraday processes all the information and spits out a shiny new report that is automatically available for download.



Filtering


There are two main ways to manage the data that goes into the final report - confirming vulns and tagging them .


By default all of the vulnerabilities added manually are set as confirmed and all of those added by a Plugin are set as false positives . If the checkbox "use only confirmed vulns" is selected, the report will only contain confirmed findings.

If you need a custom report that includes only some of the findings in the workspace, you can also tag the desired vulnerabilities and then create a report only with that tag.

At least one vulnerability must be tagged in order to have the option to generate a tag-filtered report. When the form opens an option to select tags will appear. Keep in mind that one or more tags can be selected.

These two parameters (confirmed and tags) can be mixed to create different outcomes.





Eliminating a report

From the Executive Report window, select the document and click on Delete


Templates

You can now create Custom Fields with Markdown!

Datasets

Faraday provides two different datasets to create Executive Reports - generic and grouped.

The  generic  dataset  provides one entry for each individual vulnerability with all of its fields readily available as a dictionary. The field parent contains an ID corresponding to the Vulnerability's parent (either a Host or a Service).

The  grouped  dataset  groups vulnerabilities by name and description. If two or more vulnerabilities share the same name and description, they will be presented as one. The field parent contains a Python Dictionary-style object with the parent IDs as keys and a Python Dictionary-style object containing evidence_subdoc, data and target as values. Tags and references will be merged for vulnerabilities that are grouped and not separated by parent.

Keep in mind that each template should be designed for a specific dataset and that these are not interchangeable. The default templates that come with your instance are located at /opt/faraday/lib/python3.7/site-packages/faradaysec-3.10.2-py3.7.egg/faraday/reports/executive/templates/

All report templates are located in /home/faraday/.faraday/executive_reports_templates/  in your Faraday installation directory. They should be located in a subdirectory named generic, grouped, markdown_generic or markdown_grouped depending of the type of template you are creating.
Here are the default docx templates we provide:

You can download an example report  here  and its corresponding template  here .

The template uses Jinja2 syntax so we strongly recommend reading the official documentation before modifying the document. The library used to create the report is python-docx-template available via Github . All Jinja2 tags are available, although there are some restrictions .

An example of how the template cover looks like







    Still looking for answers? You can try opening a ticket.
      • Related Articles

      • Build your own Report template

        Available Variables The data available to the Report template is: General Variables conclusions - contains the text loaded when creating the report date - the date when the Report was created, as the name of the month and four digits for the year ...
      • Executive Report jinja2 Template Context json

        These are examples of jinja2 static dataset usage. You can access this information from the docx template. Executive reports use jinja for rendering the report, check jinja documentation for more details. methodologies can be used from version 3.12 ...
      • Using Markdown on a Report

        For using markdown on Executive Reports, please enable it on /home/faraday/.faraday/config/server.ini by adding: [executive_report] markdown = true On your templates, to render the markdown you must use the p filter, like this:  {{ p vuln.description ...
      • Faraday is not importing my report

        First let's make sure there is a Plugin to parse it so make sure your tool is listed in our Plugin List.  Not there? Code your own or ask us to do it. You can also try to force Faraday to process a report with a certain plugin. For example, let's say ...
      • Jinja was looking for the following tags: 'endmacro'.

        Upon FaradaySEC v3.12 we upgraded our jinja templates libraries, this affected our macro. In our original template the macro contains a "-" which is now incompatible and requires template update. The correct macro is: {% macro severity(name) %}{% if ...