Faraday 1.0.16 Is A Multiuser Penetration Test IDE
A new concept called IPE, or Integrated Penetration-Test Environment has been introduced by the Faraday 1.0.16. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit.
The main aim of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
The version comes up with a lot of changes in Web UI. It has the ability to group vulnerabilities by any field in our Status Report view. If you have a Pro or Corp license you can now create an Executive Report using only confirmed vulnerabilities, saving you, even more, time.
Changes Made In This New Version:
- In our Status Report, it has added group vulnerabilities.
- It also had added a port to Service type target.
- It able to filter false-positives in all these (Dashboard, Status Report, and Executive Report).
Features:
- Its design structure is simple.
- Its unable for users to notice any difference between their own terminal application and the one included in Faraday.
- It is developed with a specialized set of functionalities that help users improve their own work.
- Faraday is same as IDE does for you when programming but from the perspective of a penetration test.
Plugins
There are 3 kinds of plugins:
- First plugins can intercept commands, fired directly when a command is detected in the console. These are transparent to you and no additional action on your part is needed.
- Second plugins can import file reports. You have to copy the report to $HOME/.faraday/report/[workspacename] (replacing [workspacename] with the actual name of your Workspace) and Faraday will automatically detect, process and add it to the HostTree.
- Third plugin connectors or online (BeEF, Metasploit, Burp), these connect to external APIs or databases or talk directly to Faraday's RPC API.
Bug fixes:
- Faraday wouldn't start when the last workspace was null.
- CSV export/import in QT.
- It can fix a bug that prevented the use of "reports" and "cwe" strings in Workspace names.
- Unicode supports in Nexpose-full Plugin.
- It also fixed bug get_installed_distributions from handler exceptions.
- It enables to a fixed bug in the first run of Faraday with log path and API errors.
Installation:
This installation process applies only to Debian, Ubuntu, Kali and Backtrack OS.
Download the latest tarball or clone the Faraday Git Project:
$ git clone https://github.com/infobyte/faraday.git faraday-dev
$ cd faraday-dev
$ ./install.sh
$ ./faraday.py
Download
ليست هناك تعليقات:
إرسال تعليق