Vulnerability Analysis

Faraday v2.7 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have always been looking for! It maps and leverages all the data you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the risks and impacts and risks being assessed by the audit in real-time without a single email. Developed with a specialized set of functionalities that helps users improve their own work, the main purpose is to re-use the available tools in the community and take advantage of them in a collaborative way!
As you have probably already heard, we are in the midst of a BIG upgrade in Faraday: replacing CouchDB with a much more robost database, Postgresql. This is taking a bit of time, as we are also redesigning parts of our database model to improve the performance of our app, but will be totally worth the wait!
Even though we are busy laboring away with this upgrade, we have not forgotten about you users! We have just released a new version of Faraday with some bug fixes, new plugins, and a csv importer!
What is new
Last modified and created timestamps
The hosts view now shows you the time of the most recent modification:

Click in the host and you can see the when it was created!

New feature: Import from CSV
Now you can import information of your CSV to Faraday and create any type of Object in it! Hosts, Interfaces, Services, Vulnerabilities, Vulnerabilities Web and Tags can be created using our new CSV-importer.
The CSV file needs to be formatted in a compatible way, all the information about this can be found HERE!

Changes and fixes
  • Added “Last modified” and “Created” in Hosts view.
  • Checks if the port 5985 is already in use and shows the corresponding error message.
  • Fixed bug when trying to run Faraday as second process and closing the terminal (&!).
  • Fixed bug where it asked for dependencies eternally when you have a different version than the one required.
  • Fixed small bug in the update_from_document method.
  • Fixed bug, makes the python library dependencies specific to the desired version.
  • Fixed GitHub language bar to reflect real code percentage.
  • Merge PR #195: Create gentoo_requirements_extras.txt (New Github wiki page).
  • Merge PR #225: Add references to found vulnerabilities in nmap plugin.
  • New plugin: Netsparker cloud.
  • New plugin: Lynis (Winner of Faraday Challenge 2017).
  • New Fplugin: changes the status of all vulnerabilities of an specific workspace to closed.
  • New Fplugin: combines the “create_interface” and “create_host” scripts into one (create_interface_and_host script).
  • New Fplugin: import_csv , now you can import Faraday objects from a CSV.