Fabric is an open-source Command-Line Interface (CLI) tool with a configuration language designed to encode and automate content generation for cybersecurity and compliance.
Fabric generates documents from templates written in Fabric Configuration Language (FCL). The templates are modular and reusable. By including data requirements and content structure definitions in the templates, the template authors can significantly reduce the manual effort of data consolidation and document build-up.
See Tutorial for an introduction to FCL and Fabric.
Fabric templates can include static content, dynamic templates (powered by Go templates) or rely on
GenAI for content generation (with openai
plugin, for example).
[!NOTE]
Fabric is currently in the early stages of development, and there may be some issues. If you have any suggestions, ideas, or bug reports, please share them in Fabric Community slack.
Fabric supports plugins that offer integrations with various platforms, data stores, and security solutions, including JSON/CSV files, Elastic, OpenCTI, Splunk Cloud, GitHub, and more.
You can find the full list of supported plugins in the documentation.
You can find open-source templates for CTI, pentesting and SecOps use cases in Fabric Templates repository.
To install Fabric on macOS with Homebrew, run these commands:
# Install Fabric from the tap
brew install blackstork-io/tools/fabric
# Verify the version installed
fabric --version
The tap is updated automatically with every release.
The Docker images for Fabric are hosted in Docker Hub.
To run Fabric as a Docker image use a name blackstorkio/fabric
:
docker run blackstorkio/fabric
Fabric binaries for Windows, macOS, and Linux are available at "Releases" page in the project's GitHub.
To install Fabric:
For example, the steps for macOS (arm64) are:
# Create a folder
mkdir fabric-bin
# Download the latest release of Fabric
wget https://github.com/blackstork-io/fabric/releases/latest/download/fabric_darwin_arm64.tar.gz -O ./fabric_darwin_arm64.tar.gz
# Unpack Fabric release archive into `fabric-bin` folder
tar -xvzf ./fabric_darwin_arm64.tar.gz -C ./fabric-bin
# Verify that `fabric` runs
./fabric-bin/fabric --help
The core fabric
commands are:
install
— install all plugins listed as required in the configuration (see
Configuration).data
— executes the data block and prints out prettified JSON to standard output (see Data
blocks).render
— renders a document template and prints out the result to standard output or a file.For more details, run fabric --help
:
$ ./fabric --help
Usage:
fabric [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
data Execute a single data block
help Help about any command
install Install plugins
render Render the document
Flags:
--color enables colorizing the logs and diagnostics (if supported by the terminal and log format) (default true)
-h, --help help for fabric
--log-format string format of the logs (plain or json) (default "plain")
--log-level string logging level ('debug', 'info', 'warn', 'error') (default "info")
--source-dir string a path to a directory with *.fabric files (default ".")
-v, --verbose a shortcut to --log-level debug
--version version for fabric
Use "fabric [command] --help" for more information about a command.
Visit https://blackstork.io/fabric/docs/ to see full documentation for Fabric.
If you suspect any vulnerabilities within Fabric, please report them using GitHub's security advisory reporting. We treat every report with the utmost seriousness and commit to conducting a thorough investigation.
We kindly request that you task with us before making any public disclosures. This precautionary step ensures that no excessive information is shared prematurely, allowing us to prepare a patch. It also gives users enough time to upgrade.
Fabric is licensed under Apache-2.0 license. See the LICENSE file for the details.