Use Slash Command in Slack to interact with Faraday

September 19, 2023

Slack (1)In this blog, we are going to create a Slack app to allow us to interact with Faraday API using its known Slash Commands.

This allows for flexibility in performing various security tasks and queries directly from Slack. Providing visibility into Faraday’s data and functionality within the Slack environment. Helping security teams stay informed.

For this purpose, we need the following:

– We need permissions over a slack workspace to create our new Slack app.

– We require a Faraday installation already working.

– We require a Faraday dedicated user for this slack bot. We could use an already created user, but we don’t recommend this.

Step 1: Creating our Slack App

The first thing we need to do is enter to this URL After that, click on the button Create an App. A popup will appear, so you need to put the app name and select the related workspace. Then click on the button Create App.slack2

After creating our Slack app, we need to save the Signing Secret that appears in the App Credentials section because we will use it later.slack3

Step 2: Starting our faraday-slackbot server

Once we’ve created our Slack app, we need to run and expose our faraday-slackbot server. As pre-requirement, we need to install python 3.7 or higher, pip and virtualenv.

After installing the pre-requirements, we need to clone the repository from this link and execute the following commands in a terminal:python

Now we have already installed the server, so we can run it. It is important to tell you that environment variables are required to perform this. Those environment variables could be set via .env file with the variables inside or passing them in the same line of the execution command.Executing directly in one line:python2

Using .env file:python3

Note: The README.md file in the repository explains each parameter.

Now we need to expose over the internet this local server. This is necessary because Slack will execute requests to a specific URL that should be public.

For this blog, we are using ngrokbecause it is an easy way to expose a local server, but remember that this is just an example. We need to execute the following:

./ngrok http 5000

After that, we need to save the exposed urls:python4

We can check that they are working accessing to http://11da81e648a8.ngrok.io/health-check and https://11da81e648a8.ngrok.io/health-check and verifying that they respond with the following JSON:

status

We are going to use only the https url

Step 3: Create our slash command

After creating our Slack app and exposing our faraday-slackbot server, we need to go to the section Slash Command in the left menu and click on the button Create New Command.

slack4slack5

After that, a modal will appear. The mandatory fields are the name for the slash command, the request URL and the short description.

The name will be the way to invoke the slash command, in our case we are going to use /faraday, but you can use another if you want. The Request URL must be the previously exposed by us with the path /slack.

So, in our example, we are going to fill these fields as follows:slack6

After complete the modal, we need to click on Save button, and our slash command will be created and configurated.

Step 4: Install our app in the workspace

After create our Slack app and our slash command, still we need to install in the workspace. To do this, we need to go to the Install App section on the left menu. Then, click on the button, Install app to Workspace. After that, Slack will ask you if your workspace gives permissions to your app, so we need to click on Allow button. Now we have all the environment working, let’s test it.

Step 5: Using our new slash command

Now we are going to use our slash command. The first command that we are going to execute is /faraday help:slack7

As you can see, the first command we need to execute is /faraday ws-set <ws_name> because all the following commands will be executed over the selected workspace.So we are going to execute /faraday ws-set testslack8

As you can see, now we can execute the others commands. For example, we can view a summary for the workspace test executing /faraday summary.slack9

And that’s all. This repository has a basic interaction with Faraday API, but it was designed to grow and add new commands.From already, all suggestion and pull requests are welcome to improve this repository.

Continue Reading

The latest handpicked blog articles
Check all articles

Our team’s vulnerabilities disclosures 2024

Our security research team actively investigates vulnerabilities in widely used technologies, with a strong focus on network infrastructure and embedded systems. Throughout 2024, our researchers reported multiple security issues affecting

January 8, 2026
Read article

Ekoparty 2025: otra edición, nuevas conexiones y la misma pasión por hackear

Cada año, la Ekoparty nos recuerda por qué amamos lo que hacemos.Nos preparamos con la misma energía de siempre: para reencontrarnos con la comunidad, compartir lo que investigamos, aprender de otros y,

January 6, 2026
Read article

EmploLeaks: Finding Leaked Employees for the WinWebinar led by Gabriel Franco

Gabriel Franco is our Head of Cybersecurity Services and introduces this new open-source tool, presented at Black Hat Arsenal. Emploleaks enables the collection of personal information using Open Source Intelligence

December 28, 2025
Read article

Stay Informed, Subscribe to Our Newsletter

Enter your email and never miss timely alerts and security guidance from the experts at Faraday.

Faraday provides a smarter way for Large Enterprises, MSSPs, and Application Security Teams to get more from their existing security ecosystem.

Headquarters

  • 3310 Mary St Suite 501
Miami, FL 33133, USA
  • +1 904 715 4284

Research Lab & Dev

  • Bolivar 238 2° Floor
Buenos Aires, C1066AAF
Argentina
  • +54 11 4331 0469

Solutions

Open Source

© 2025 Faraday Security. All rights reserved.
Terms and Conditions | Privacy Policy