الخميس، 28 يناير 2016

Faraday A Multi-User Penetration Test and Vulnerability Management Platform

Faraday A Multi-User Penetration Test and Vulnerability Management Platform


Faraday 1.0.16 Is A Multiuser Penetration Test IDE


A new concept called IPE, or Integrated Penetration-Test Environment has been introduced by the Faraday 1.0.16. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. 


The main aim of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

The version comes up with a lot of changes in Web UI. It has the ability to group vulnerabilities by any field in our Status Report view. If you have a Pro or Corp license you can now create an Executive Report using only confirmed vulnerabilities, saving you, even more, time.

Changes Made In This New Version:

  • In our Status Report, it has added group vulnerabilities.

  • It also had added a port to Service type target.
  • It able to filter false-positives in all these (Dashboard, Status Report, and Executive Report).


Features:

  • Its design structure is simple.
  • Its unable for users to notice any difference between their own terminal application and the one included in Faraday. 
  • It is developed with a specialized set of functionalities that help users improve their own work. 
  • Faraday is same as IDE does for you when programming but from the perspective of a penetration test.


Plugins

There are 3 kinds of plugins:

  • First plugins can intercept commands, fired directly when a command is detected in the console. These are transparent to you and no additional action on your part is needed.
  • Second plugins can import file reports. You have to copy the report to $HOME/.faraday/report/[workspacename] (replacing [workspacename] with the actual name of your Workspace) and Faraday will automatically detect, process and add it to the HostTree.
  • Third plugin connectors or online (BeEF, Metasploit, Burp), these connect to external APIs or databases or talk directly to Faraday's RPC API.

Bug fixes:

  • Faraday wouldn't start when the last workspace was null.
  • CSV export/import in QT.
  • It can fix a bug that prevented the use of "reports" and "cwe" strings in Workspace names.
  • Unicode supports in Nexpose-full Plugin.
  • It also fixed bug get_installed_distributions from handler exceptions.
  • It enables to a fixed bug in the first run of Faraday with log path and API errors.


Installation:

This installation process applies only to Debian, Ubuntu, Kali and Backtrack OS. 

Download the latest tarball or clone the Faraday Git Project:

$ git clone https://github.com/infobyte/faraday.git faraday-dev
$ cd faraday-dev
$ ./install.sh
$ ./faraday.py



Download

ليست هناك تعليقات:

إرسال تعليق