Building Faction Extensions

Faction now as an API similar to what you might find BurpSuite Extensions. You can create modules and in copy them to the server and Faction will automatically pick them up and do additional processing on certain events.

You can can extend things like Application Inventory Search so that it queries an external database to return results before scheduling assessments. If you have configured custom fields you can write an extension to search database and update things like application owner or other meta data about the application that Faction does not support by default.

Below is a list of the following Hooks:

Application Inventory Extension:

  • Triggers on Assessment Scheduling and will then query external sources instead of the local database.
  • Can search based on Application ID or Application name. It will return an InventoryResult Object (explained later)

Assessment Manager Extension:

Typical use case scenario: When an assessor finalizes an assessment the module can send all the vulns to another tracking system like Jira and return the tracking numbers into Faction.

  • Triggers on Assessment Create, Update, Delete, Finalized, Peer Review Created, Peer Review Complete, Peer Review Accepted
  • Accepts the Triggered Assessment and List of vulns associated with the assessment.
  • Returns an Object Array that is the updated Assessment and updated List of vulns
  • If return object is null Faction will not update locally

Vulnerability Manager Extension:

Typical use case scenario: When an assessor creates or updates a vulnerability t the module can send send the vulnerability to another tracking system like Jira and return the tracking number into Faction.

  • Triggers on Assessment Create, Update, Delete
  • Accepts the Triggered Assessment and  vulnerability that is being processed.
  • Returns the updated vulnerability
  • if return object is not then Faction will not update locally

Verification(Retest) Manager Extension:

  • Triggers on Pass, Fail, Cancel, Assigned
  • Accepts the Triggered Assigned User, Vuln Assigned, Start and end dates for the verification.
  • Returns the updated vulnerability