Faraday v3.12

Faraday Team
Sep 4 · 4 min read
Image for post
Image for post

There are better ways than managing vulnerabilities with spreadsheets, especially when you are working with several tools. We know it’s easy to lose trail of your efforts. In faraday you can keep track of your scanners and your team in one place,

This update is focused on improving your everyday tasks in managing information. The Jira and ServiceNow integrations now support custom templates, allowing the easy creation of issues in those platforms with only one click.

We keep adding features to our agents, allowing the reuse of them in multiple workspaces, so for example, you can share a scanner with multiple projects at the same time.

And last but not least, we are also releasing a brand new tool for managing data from Faraday in your terminal, faraday- cli.

Reuse your agents!

Ever since we launched Agents, Faraday has improved automatization with external tools. In order to continue improving this feature, we have added the possibility to run your agents in several workspaces at the same time, allowing you to get the most out of it.

Currently we support automation of 11 tools, including Arachni, Burp, Nessus, w3af so you can schedule your scans directly on faraday.

Image for post
Image for post

Customization on ticketing tools integration

One of the main goals of Faraday is to integrate the security operations to the rest of the company by integrating popular issue trackers such as Jiras and Service Now. You can now export vulnerability information directly to such ticketing tools.

With this new version, you can finally customize what information is sent to those platforms. Thanks to the new template feature you can send the required information with just one click.

Image for post
Image for post
Jira integration
Image for post
Image for post
ServiceNow integration

New plugins, new inputs

On this release, we continue integrating your favorite tools, many of which can be used to build DevSecOp pipelines. Faraday currently has more than 80+ plugins and we are happy to add the following ones:

  • RDP scan
  • HCL APPScan
  • SSL labs

Want to see more? Check out this repo: https://github.com/infobyte/faraday_plugins

Work directly from your terminal

We know that many of you are command line lovers, we are too! We wanted a better way of interacting with Faraday directly from our terminal. This new helper allows any Faraday user to:

  • Manage workspaces
  • Get information of hosts
  • Create vulnerabilities directly from commands and reports
  • Run your agents

Faraday-cli in action:

First you need to install faraday-cli, you can do that directly from pip:

The first step is to authenticate, if you don’t have a Faraday server you can try our demo instance: https://demo101.faradaysec.com (faraday/demo101)

Image for post
Image for post

Now you only need to select an available workspace, remember if you are using demo101 that is a public server:

Image for post
Image for post

Once you have configured faraday-cli you can use the rest of the features.
In this example we are going to use rdpscan (https://github.com/robertdavidgraham/rdpscan) and keep track of the results in Faraday:

Image for post
Image for post

If you want to see more examples head to our github repo: https://github.com/infobyte/faraday-cli

For any requests/questions, please contact us at sales@faradaysec.com and we’ll be happy to assist you on what you need.

There is a better way to work and manage your vulnerabilities, start now : https://faradaysec.com/faraday-landing/

Faraday Crew

https://www.faradaysec.com
https://github.com/infobyte/faraday
https://twitter.com/faradaysec
https://www.instagram.com/faradaysec/
https://www.linkedin.com/company/faradaysec

Faraday

Faraday Platform helps you perform security engineering by…

Faraday Team

Written by

Faraday

Faraday

Faraday Platform helps you perform security engineering by maximizing your team’s resources, increasing risk visibility by converting all your data into valuable information https://www.faradaysec.com/

Faraday Team

Written by

Faraday

Faraday

Faraday Platform helps you perform security engineering by maximizing your team’s resources, increasing risk visibility by converting all your data into valuable information https://www.faradaysec.com/

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store