Faraday vulnerability search

The vulnerability search lets you build queries that filter vulnerabilities by their attributes.

[Screenshot: the vulnerability search box]
To use the search you need to know the vulnerability attributes and their relationships.
A vulnerability has the following attributes:
  1. name
  2. target
  3. severity (informational, low, medium, high, critical)
  4. confirmed (true, false)
  5. status (open, closed, re-opened, risk-accepted)
  6. id
  7. service__port
  8. hostname
  9. tags (use tags:qa or tags:dev)
  10. method
  11. status_code (HTTP status code, for web vulnerabilities)
  12. tool (e.g. tool:Nessus)


The query syntax is attribute_name:search_value. Conditions are combined with and / or and grouped with parentheses. For example, suppose you want vulnerabilities that are critical or high and are also confirmed:
  (severity:high or severity:critical) and confirmed:true
The parentheses are needed here: the search lets you nest conditions, and grouping the two severity alternatives explicitly ensures that confirmed:true applies to both of them rather than only to the last one.

Another useful query:
  (tags:qa or tags:dev) and (severity:high or severity:critical)
This returns critical or high issues that are tagged qa or dev.

You can also search by service port, for example all findings on port 80 of a given host:
  (service__port:80) and hostname:www.test.com
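The following Python script is an added example and is not Faraday's own search implementation: it parses the query syntax described on this page (attribute:value conditions joined with and / or, nested with parentheses) and evaluates it against three constructed vulnerability records. The grammar (and binds tighter than or when no parentheses are written), exact case-insensitive value matching, and the sample records are assumptions of the example, not documented Faraday behaviour.

```python
import re

# Constructed sample records shaped like the attributes listed above; they are
# made up for this example, not exported from a Faraday workspace.
VULNS = [
    {"id": 1, "name": "SQLi in login", "hostname": "www.test.com",
     "severity": "critical", "confirmed": True, "service__port": 80, "tags": ["qa"]},
    {"id": 2, "name": "Outdated OpenSSH", "hostname": "bastion",
     "severity": "high", "confirmed": False, "service__port": 22, "tags": ["dev"]},
    {"id": 3, "name": "Missing HSTS header", "hostname": "www.test.com",
     "severity": "low", "confirmed": True, "service__port": 443, "tags": ["prod"]},
]

# Tokens: parentheses, the operators and/or, and attribute:value pairs.
TOKEN_RE = re.compile(r"\(|\)|\band\b|\bor\b|[A-Za-z_]+:[^\s()]+", re.I)


def tokenize(query):
    tokens = TOKEN_RE.findall(query)
    leftover = TOKEN_RE.sub("", query).strip()
    if leftover:  # e.g. a bare word without an "attr:" prefix
        raise ValueError(f"unparseable text in query: {leftover!r}")
    return tokens


class Parser:
    # Recursive descent over the grammar assumed for this example:
    #   expr := term ("or" term)*   term := factor ("and" factor)*
    #   factor := "(" expr ")" | attr:value   (so "and" binds tighter than "or")
    def __init__(self, tokens):
        self.tokens, self.pos = tokens, 0

    def peek(self):
        return self.tokens[self.pos] if self.pos < len(self.tokens) else None

    def take(self):
        self.pos += 1
        return self.tokens[self.pos - 1] if self.pos <= len(self.tokens) else None

    def parse(self):
        node = self.expr()
        if self.peek() is not None:
            raise ValueError(f"unexpected token {self.peek()!r}")
        return node

    def expr(self):
        node = self.term()
        while (self.peek() or "").lower() == "or":
            self.take()
            node = ("or", node, self.term())
        return node

    def term(self):
        node = self.factor()
        while (self.peek() or "").lower() == "and":
            self.take()
            node = ("and", node, self.factor())
        return node

    def factor(self):
        tok = self.take()
        if tok is None:
            raise ValueError("query ended where a condition was expected")
        if tok == "(":
            node = self.expr()
            if self.take() != ")":
                raise ValueError("missing closing parenthesis")
            return node
        if tok == ")" or tok.lower() in ("and", "or"):
            raise ValueError(f"unexpected token {tok!r}")
        attr, _, value = tok.partition(":")
        return ("match", attr.lower(), value)


def matches(vuln, attr, value):
    # Exact, case-insensitive comparison is an assumption of this example.
    if attr not in vuln:
        raise KeyError(f"unknown attribute {attr!r}")
    actual = vuln[attr]
    if isinstance(actual, list):  # tags:qa means "qa" is one of the tags
        return value.lower() in (t.lower() for t in actual)
    return str(actual).lower() == value.lower()  # also covers confirmed:true


def evaluate(node, vuln):
    if node[0] == "match":
        return matches(vuln, node[1], node[2])
    op, left, right = node
    if op == "and":
        return evaluate(left, vuln) and evaluate(right, vuln)
    return evaluate(left, vuln) or evaluate(right, vuln)


def search(query, vulns=VULNS):
    """Return the ids of the records that satisfy the query."""
    ast = Parser(tokenize(query)).parse()
    return [v["id"] for v in vulns if evaluate(ast, v)]


def is_valid_query(query):
    try:
        Parser(tokenize(query)).parse()
        return True
    except ValueError:
        return False
```

Calling search("(severity:high or severity:critical) and confirmed:true") on the sample records returns [1], while the same tokens without parentheses, severity:high or severity:critical and confirmed:true, return [1, 2] under this grammar because the unconfirmed high finding now satisfies the left side of the or on its own; that is the reason the queries above group alternatives explicitly. A bare word without an attr: prefix, a stray operator, or an unbalanced parenthesis is rejected with ValueError, and a misspelled attribute name raises KeyError at evaluation time instead of silently matching nothing.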
