Import CSV using faraday_csv Plugin

Import CSV using faraday_csv Plugin

With faraday_csv Plugin, you can upload data to Faraday by using CSV files. 

Main header: The main headers for faraday_csv Plugin are target or ipBoth columns contain the same information (host's IP). Without any of them, Faraday won't recognize the plugin. We recommend you to use the target header.

You can upload hosts, services, and vulnerabilities. In order to upload them, you'll need to add the following mandatory headers:
  1. To upload hosts: you need to add the header target. This column will contain the host's IP.
  2. To upload services: you need to add the headers port and protocol. These columns will contain the service's port and protocol, respectively.
  3. To upload vulnerabilities: you need to add the headers name and desc. These columns will contain the vulnerability's name and protocol, respectively.
Note: in each case, you need to add the target header. The target in every row will be the parent of the service or vulnerability to be created.

Using Faraday's Export CSV with faraday_csv plugin

You can export your workspace with Faraday's Export CSV option and then import that same CSV into another workspace with faraday_csv plugin. Keep in mind that if you have vulnerabilities with Custom Fields, you'll need to change there Custom Fields headers. You can take a look at the Importing Custom Fields
section at the end of this article.

IMPORTANT: This feature works because of the compatibility between the headers of the CSV exported and the headers of the faraday_csv.

‚ÄčDon't use this feature to backup a workspace.
More headers

In case you need to add more information to the report, you can use the following headers for each object:
  1. Host's headers
    1. host_description
    2. os
    3. mac
    4. hostnames
  1. Service's headers
    1. service_name
    2. service_description
    3. version
    4. service_status
  1. Vulnerability's headers:
    1. vuln_name
    2. vuln_desc
    3. refs
    4. severity
    5. resolution
    6. data
    7. external_id
    8. confirmed
    9. vuln_status
    10. easeofresolution
    11. impact_confidentiality
    12. impact_integrity
    13. impact_availability
    14. impact_accountability
    15. policyviolations
    16. custom_fields
    17. website
    18. path
    19. request
    20. response
    21. method
    22. pname
    23. params
    24. query
    25. status_code
Importing Custom Fields
If you want to import vulnerabilities with Custom Fields, you'll need to change the Custom Fields' headers by adding "cf_" at the beginning of the header.
E.x: If you have a Custom Field named CVSS_Score, you have to define its header inside de CSV file as: cf_CVSS_Score.

    Still looking for answers? You can try opening a ticket.
      • Related Articles

      • Faraday Plugin

        Intro In order to manage, add, and list information stored in faraday, we created fplugin, a simple plugin that allows you to interact directly with our Python API from the command line. It gives Faraday powerful scripting features and allows you to ...
      • Basic Plugin Development

        This is an example of a Faraday Plugin that process a xml report. Configure Custom Plugins Folder To add custom plugins in faraday you first need to add the path where you have your plugins in the config.ini under server config section. ...
      • Burp Proxy Extender Plugin

        This plugin is a script developed in Java as an extender to the Burp Proxy API (Pro/Community). Installation with NGINX and SSL Enable (Auto-Signed Certificate) To enable Burp Plugin using NGINX and with SSL Enable you need the Name (e.g. server FQDN ...
      • Faraday Client

        GTK To access Faraday GTK, run faraday-client in the instance where you installed your Faraday Client .deb or .rpm (or .pkg, in Mac). You will be presented with a special version of your own ZSH terminal . Just as with GTK, Faraday intercepts every ...
      • Plugin List

        The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way. You break it. We keep track of the pieces! To maximize flexibility, Faraday Plugins run only on the Client. This means you can ...