Reporting
Output Formats
Each output type serves a different audience: live operator work, shareable narrative reports, packaged evidence, or downstream automation.
CLI
Best for live feedback
Readable operator output, findings, and top assets during a run.
TXT
Best for plain sharing
Human-readable offline notes and straightforward report exports.
HTML
Best for visual review
Dark-theme report pages, charts, summaries, and full tables in one file.
JSON
Best for tooling
Structured data for automation, API handoff, and downstream processing.
CSV
Best for spreadsheet work
Split exports for subdomains, IPs, ports, findings, and JavaScript endpoints.
PDF
Best for packaged evidence
Multi-page dark-theme summary reports through the Ruby or Node renderer path.
DOCX
Best for narrative editing
Editable document output for downstream review, markup, and handoff.
SARIF / ALL
Best for pipelines
Security-tool interchange output plus one-shot generation of the full report bundle.
Reporting
Sample Outputs
These examples show exactly what operators can expect to see after a run without needing to imagine the format.
CLI Snapshot
human-readable
asrfrb > scan scan.example.test --passive-only
Scan Overview
-------------
Target: scan.example.test
Subdomains: 2
Open ports: 0
Findings: 0
Recommended Next Steps
----------------------
Use the HTML report for richer offline triage and JSON for automation.
JSON Snapshot
automation
{
"subdomains": [
"scan.example.test",
"api.scan.example.test"
],
"generated_at": "2026-04-09T09:16:34Z",
"top_assets": []
}
Relationship Mapping Snapshot
correlation
{
"nodes": [
{"id":"scan.example.test","type":"domain"},
{"id":"45.33.32.156","type":"ip"},
{"id":"scan.example.test:80","type":"service"}
],
"edges": [
{"from":"scan.example.test","to":"45.33.32.156","relation":"resolves_to"},
{"from":"scan.example.test:80","to":"45.33.32.156","relation":"runs_on"}
]
}
Reporting
Configuration
Defaults ship with the framework, while user overrides live outside the repo and installed app folders.
| Path | Role |
|---|---|
config/default.yml | Packaged defaults bundled with the framework |
~/.asrfacet_rb/config.yml | User overrides merged on top of the defaults |
Reporting
Files & Storage
Runtime data is intentionally separated from the repo and installed application files so updates stay cleaner and safer.
| Location | Purpose |
|---|---|
~/.asrfacet_rb/output/ | Report bundles and generated artifacts |
~/.asrfacet_rb/memory/ | Recon memory and historical run state |
~/.asrfacet_rb/web_sessions/ | Saved web-session drafts and state |
/output/ | Repo-local generated output during development runs |
Reporting
Testing
The Rake-based verification flow is the main release gate. The current verified state is 241 examples, 0 failures.
rake
# Full release-style verification
$ bundle exec rake
# Focused targets
$ bundle exec rake spec
$ bundle exec rake test:web
$ bundle exec rake test:install
$ bundle exec rake verify
Current Verified Run
April 27, 2026 - bundle exec rake verify completed successfully with full specs, CLI, web-session, lab, installer, website-installer, deploy, and gem-build checks.