Every completed run can produce multiple artifacts at once so the same scan is useful for:
- terminal review
- plain-text notes
- offline HTML sharing
- machine-readable automation
- event-stream debugging
By default, report bundles are written to:
~/.asrfacet_rb/output/reports/<target>/<timestamp>/
Bundle contents:
report.cli.txtreport.txtreport.htmlreport.json
Best for live operator review.
Includes:
- key counts
- important hosts
- ports
- findings
- artifact paths
Best for notes, ticket attachments, or environments where HTML is inconvenient.
Includes:
- human-readable summaries
- explanation text
- recommendations
- change summaries
Best for offline review and sharing.
Includes:
- summary tables
- top assets
- findings
- change summary
- graph-oriented sections
- offline charts and visual summaries
Best for downstream tooling.
Includes:
- store contents
- graph
- diff
- correlations
- JS endpoint output
- execution metadata
The live stream is useful for debugging or replaying a run timeline.
Default location:
~/.asrfacet_rb/output/streams/
asrfacet-rb scan example.com --format html --output report.html
asrfacet-rb passive example.com --format json --output passive.jsonEven when --output is used, the framework still writes the full stored report bundle unless the run fails before artifact generation completes.
After installation, operators can inspect prior artifacts directly under the output root:
~/.asrfacet_rb/output/
The CLI prints the stored report paths after each run, and the web session UI exposes them as clickable report links for completed sessions.