Faraday - Collaborative Penetration Test and Vulnerability Management Platform


Faraday is an Integrated Multiuser Pentest Environment that maps and leverages all the knowledge you generate in real time. 

It is designed for distributing, indexing, and analyzing the data generated during a security audit.

Faraday crunches the data you load into different visualizations that are useful to managers and pentesters alike.

Faraday Dashboard Screenshot

There are three Plugin types: console plugins which intercept and interpret the output of the tools you execute, report plugins which allows you to import previously generated XMLs, and online plugins which access Faraday's API or allow Faraday to connect to external APIs and databases.

However, these are not mutually exclusive, meaning that some tools have more than one Plugin to process their output. For example, Nmap has a Console plugin which allows you to run it directly from ZSH, but it also has a Report one, in order to import scans that were run outside of Faraday.

 The names of the available plugins are:
  • Acunetix (REPORT) (XML)
  • Amap (CONSOLE)
  • Arachni (REPORT, CONSOLE) (XML)
  • arp-scan (CONSOLE)
  • BeEF (API)
  • Burp, BurpPro (REPORT, API) (XML)
  • Core Impact, Core Impact (REPORT) (XML)
  • Dig (CONSOLE)
  • Dirb (CONSOLE)
  • Dnsenum (CONSOLE)
  • Dnsmap (CONSOLE)
  • Dnsrecon (CONSOLE)
  • Dnswalk (CONSOLE)
  • evilgrade (API)
  • Fierce (CONSOLE)
  • Fruitywifi (API)
  • ftp (CONSOLE)
  • Goohost (CONSOLE)
  • hping3 (CONSOLE)
  • Hydra (CONSOLE) (XML)
  • Immunity Canvas (API)
  • Listurls (CONSOLE)
  • Maltego (REPORT)
  • masscan (REPORT, CONSOLE) (XML)
  • Medusa (CONSOLE)
  • Metagoofil (CONSOLE)
  • Metasploit, (REPORT, API) (XML) XML report
  • Ndiff (REPORT, CONSOLE)
  • Nessus, (REPORT) (XML .nessus)
  • Netcat (CONSOLE)
  • Netdiscover (CONSOLE)
  • Netsparker (REPORT) (XML)
  • Nexpose, Nexpose Enterprise, (REPORT) (simple XML, XML Export plugin (2.0))
  • Nikto (REPORT, CONSOLE) (XML)
  • Nmap (REPORT, CONSOLE) (XML)
  • Openvas (REPORT) (XML)
  • PasteAnalyzer (CONSOLE)
  • Peeping Tom (CONSOLE)
  • ping (CONSOLE)
  • propecia (CONSOLE)
  • Qualysguard (REPORT) (XML)
  • Retina (REPORT) (XML)
  • Reverseraider (CONSOLE)
  • Sentinel (API)
  • Shodan (API)
  • Skipfish (CONSOLE)
  • Sqlmap (CONSOLE)
  • SSHdefaultscan (CONSOLE)
  • SSLcheck (CONSOLE)
  • Telnet (CONSOLE)
  • Theharvester (CONSOLE)
  • Traceroute (CONSOLE)
  • W3af (REPORT) (XML)
  • Wapiti (CONSOLE)
  • Wcscan (CONSOLE)
  • Webfuzzer (CONSOLE)
  • whois (CONSOLE)
  • WPScan (CONSOLE)
  • X1, Onapsis (REPORT) (XML)
  • Zap (REPORT) (XML)



No comments

Powered by Blogger.