Using Markdown on a Report

Using Markdown on a Report

For using markdown on Executive Reports, please enable it on /home/faraday/.faraday/config/server.ini by adding:

[executive_report]
markdown = true


On your templates, to render the markdown you must use the p filter, like this: 

{{ p vuln.description }}


Executive report supports markdown on the following fields:

  • Vulnerability description

  • Vulnerability data

  • Executive report scope

  • Executive report objectives

  • Executive report summary

  • Executive report conclusions

  • Executive report recommendations


And the following styles:

Heading 

# H1 / ## H2 / ### H3


Bold

**bold text**


Italic

*italicized text*


Blockquote

> blockquote


Code

`code`


Horizontal Rule

---


[title](https://www.example.com/)


Table

| Syntax | Description | 

| ----------- | ----------- |

| Header | Title |

| Paragraph | Text |


Fenced Code Block

```

{

firstName: ""John"",

lastName: ""Smith"",

age: 25

}

```


Strikethrough

~~The world is flat.~~


Inline Images

You can use inline images with Faraday Evidence in the fields above by adding an Evidence file to your vulns and adding markdown like this:

(evidence:vulnerability:ID:evidence_filename.png)


For example, if you wanted to explain how to reproduce the issue in the Vulnerability description:

The Vulnerability is triggered by opening the following url:
(evidence:vulnerability:ID:web_app_step_1.jpg)

After you open the vulnerable url, enter the following on the form:
(evidence:vulnerability:ID:web_app_step_2.jpg).

The following screenshot shows the database contents:
(evidence:vulnerability:ID:database_table_names.jpg)

 

Make sure to always leave a space between your text and your image, otherwise the text above it won't be rendered.



    Still looking for answers? You can try opening a ticket.
      • Related Articles

      • Executive Report

        Intro No more 3AM reporting! The Executive Report feature lets you create (as the name implies) reports using the results obtained in each workspace. When an Executive Report is created, all the data from the Status Report is automatically processed ...
      • Import CSV using faraday_csv Plugin

        With faraday_csv Plugin, you can upload data to Faraday by using CSV files.  Main header: The main headers for faraday_csv Plugin are target or ip. Both columns contain the same information (host's IP). Without any of them, Faraday won't recognize ...
      • Executive Report jinja2 Template Context json

        These are examples of jinja2 static dataset usage. You can access this information from the docx template. Executive reports use jinja for rendering the report, check jinja documentation for more details. methodologies can be used from version 3.12 ...
      • Build your own Report template

        Available Variables The data available to the Report template is: General Variables conclusions - contains the text loaded when creating the report date - the date when the Report was created, as the name of the month and four digits for the year ...
      • Faraday is not importing my report

        First let's make sure there is a Plugin to parse it so make sure your tool is listed in our Plugin List.  Not there? Code your own or ask us to do it. You can also try to force Faraday to process a report with a certain plugin. For example, let's say ...