The Vulns tab holds a full list of findings for your workspace. It provides several options including Vulnerability search, filtering and management.
You can personalize this view by clicking Add Column to add columns you wish to see, and remove the ones you don't need with the X's beside their names. These changes will be persisted in your browser from session to session, so you only have to apply them once.
To create Vulnerabilities manually, you can go to the Status Report page and click the New button at the top left corner. You should see a dialog similar to this:
The image above shows the Hosts tab, which lets you select the target of your Vulnerability. To specify the name and description of your Vulnerability, click on the second tab, named General.
You can also add more information to your Vulnerability:
Technical Details: allows you to add the data field to your Vulnerability. If you create a Web Vulnerability, you will have more fields available such as path, method, request, response and so on.
Evidence: allows you to add an evidence image to your Vulnerability. It can be a PNG or JPG image.
Custom Fields: allows you to add information to a field that you have created. More info on those here.
Make sure you select a Host (and a Service if the Vulnerability applies to it), a name and a description. These fields are mandatory to create a Vulnerability.
You can edit the Vulnerabilities that you have created. You have multiple ways to do so:
You can see a preview of your Vulnerability by clicking on its name. From here you can edit your Vulnerability and it will be saved automatically.
As you can see in the image above, there is a new tab named Comments where you can leave comments and mention other users to notify them about important events in real time. For more information about Comments, you can check this page.
You can click on the Edit button (next to the New button) to open the edit modal:
If you select multiple Vulnerabilities, next to the Edit button you will find an arrow that will show a drop-down menu with the multiple values that you can edit at once:
You can search or filter your data by specifying a keyword or multiple keywords. In order to perform a search, type the keyword in the text field above the table. Field values are not case-sensitive.
In order to perform a search by one field, follow these steps:
Enter the name of the field (e.g. severity).
Type a colon (:) right next to the name of the field specified above.
Type the word that you want to find, inside quotation marks ("), for example:
name:"Nessus scan info"
In order to perform a search by many fields, you can combine single-field searches with the logical operators and / or. To perform such a search, follow these steps:
Type a search for one field.
Type an operator (and, or).
Type a search for another field.
severity:"unclassified" and target:"18.104.22.168"
severity:"low" or service:"ssh" or target:"173.252"
Now let's look at the other fields available for filtering, each with an example. All of them are searched through the same search field:
service:"https" (matches the service's name only)
resolution:"Resolution for testing vuln"
data:"Search and filter"
To search by Tags:
To group vulnerabilities by field you can use the Group By button. After the vulns are grouped you can select them for easy batch editing.
You can filter your vulnerabilities by confirmed, unconfirmed or all by clicking on the All button:
Tags allow you to organize your vulnerabilities by letting you create and edit categories: environment, technology, state, language, projects, whatever you need. The team can then see the tagged vulnerabilities and organize the security evaluation accordingly.
The tags are assigned to the team's workspace, letting you use different tags for different projects.
Select the vulnerabilities that you want to tag (for example those that have to do with SSL protocol):
After picking one of the vulnerabilities click on the "Tags" button:
Create the tag that you want (in our case SSL) and click OK:
Faraday supports CSV Exporting from its Web UI.
In order to download a CSV file containing all your findings, click on the green download link next to the search bar:
If you filter findings or hide columns in the Status Report, those changes will impact the output of the CSV Export (what you see on screen is what you’ll get in your exported file).
For example, if we use the search box to filter the vulnerabilities and leave only a few columns, the resulting CSV will contain the same information as the on-screen list, as you can see in the images below.
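To make the search syntax described earlier (field:"value" terms joined with and / or) and the "what you see is what you get" CSV export concrete, here is an added Python example. It is not Faraday's own code; it is a small stand-alone re-implementation of both behaviours run over a constructed list of findings. Two points the page leaves open are assumptions here: values are matched as case-insensitive substrings (which is what lets target:"173.252" cover every host in that range, as in the page's example), and "and" binds tighter than "or", so a query is read as an OR of AND-groups.

```python
import csv
import io
import re

# Constructed sample findings; none of these come from a real workspace.
FINDINGS = [
    {"name": "Nessus scan info", "severity": "info", "target": "18.104.22.168",
     "service": "https", "resolution": "", "data": "Search and filter", "confirmed": False},
    {"name": "Weak SSH ciphers", "severity": "low", "target": "173.252.10.4",
     "service": "ssh", "resolution": "Disable CBC ciphers", "data": "", "confirmed": True},
    {"name": "Unclassified banner", "severity": "unclassified", "target": "18.104.22.168",
     "service": "http", "resolution": "Resolution for testing vuln", "data": "", "confirmed": False},
    {"name": "Outdated TLS", "severity": "medium", "target": "10.0.0.5",
     "service": "https", "resolution": "", "data": "", "confirmed": True},
]

# A token is either a field:"value" term or one of the operators and / or.
# The term alternative is tried first, so an "and" inside a quoted value
# (e.g. data:"Search and filter") is never mistaken for an operator.
TOKEN_RE = re.compile(r'\w+:"[^"]*"|\band\b|\bor\b', re.IGNORECASE)
TERM_RE = re.compile(r'(\w+):"([^"]*)"')


def tokenize(query):
    """Split a query into terms and operators; reject anything that is neither."""
    tokens = TOKEN_RE.findall(query)
    leftover = TOKEN_RE.sub("", query).strip()
    if leftover:
        raise ValueError(f"unrecognised text in query: {leftover!r}")
    return tokens


def parse_query(query):
    """Return a list of OR-groups, each an AND-list of (field, value) pairs.

    Assumption (not stated on the page): "and" binds tighter than "or".
    An empty query returns [] and is treated as "match everything".
    """
    tokens = tokenize(query)
    if not tokens:
        return []
    groups = [[]]
    expect_term = True
    for tok in tokens:
        if expect_term:
            m = TERM_RE.fullmatch(tok)
            if not m:
                raise ValueError(f'expected field:"value", got {tok!r}')
            groups[-1].append((m.group(1).lower(), m.group(2)))
            expect_term = False
        else:
            op = tok.lower()
            if op == "or":
                groups.append([])          # start a new AND-group
            elif op != "and":
                raise ValueError(f"expected and/or, got {tok!r}")
            expect_term = True
    if expect_term:
        raise ValueError("query ends with an operator")
    return groups


def term_matches(finding, field, value):
    # Assumption: case-insensitive substring match, so a partial address
    # such as 173.252 matches 173.252.10.4 (the page says values are not
    # case-sensitive; substring matching is inferred from its examples).
    return value.lower() in str(finding.get(field, "")).lower()


def search(findings, query):
    """Return the findings matching the query, in their original order."""
    groups = parse_query(query)
    if not groups:
        return list(findings)
    return [f for f in findings
            if any(all(term_matches(f, fld, val) for fld, val in g) for g in groups)]


def export_csv(findings, query, columns):
    """CSV export mirroring the Status Report: only the rows that pass the
    current search and only the columns currently shown are written."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=columns, extrasaction="ignore")
    writer.writeheader()
    for finding in search(findings, query):
        writer.writerow(finding)
    return buf.getvalue()


if __name__ == "__main__":
    for q in ['name:"Nessus scan info"',
              'severity:"unclassified" and target:"18.104.22.168"',
              'severity:"low" or service:"ssh" or target:"173.252"']:
        print(q, "->", [f["name"] for f in search(FINDINGS, q)])
    print(export_csv(FINDINGS, 'service:"https"', ["name", "severity", "target"]))
```

The tokenizer rejects any text that is not a quoted term or an operator, so a typo such as a missing quote surfaces as an error instead of silently matching nothing. Swapping term_matches for an exact comparison is the only change needed if you want strict equality instead of substring matching.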