Date: Mon, 24 Jul 2017 16:59:21 -0300
From: Francisco Amato <famato@...obytesec.com>
To: fulldisclosure@...lists.org
Subject: [FD] Faraday v2.6: Collaborative Penetration Test and Vulnerability
 Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking
for! It maps and leverages all the knowledge you generate in real
time, letting you track and understand your audits. Our dashboard for
CISOs and managers uncovers the impact and risk being assessed by the
audit in real-time without the need for a single email. Developed with
a specialized set of functionalities that helps users improve their
own work, the main purpose is to re-use the available tools in the
community taking advantage of them in a collaborative way!

Check out the Faraday project on GitHub.
https://github.com/infobyte/faraday

In the last couple of versions we added several features to allow our
users to manage more and more parts of their engagements directly from
our platform so we realized, why not also add the option to manage
methodologies and tasks? And so we did!

* Kanban Tasks View:

Now you can create your custom methodologies, add tasks, tag them and
keep track of your whole project directly from Faraday.

* Improving the Data Analysis tools:

As per your requests, we made some changes to the existing Data
Analysis tools introduced in the last release. We added the
possibility to change data configuration in order to customize charts,
a new bar chart type to show most vulnerable services and a filter for
undefined or null values.

* Executive Report clean up:

Some users reported issues with the sorting of Hosts and Evidence in
the reports. We fixed it so the hosts in grouped reports are sorted by
IP and evidence is sorted alphabetically by name.

We know sometimes it is necessary to use special characters for
evidence names. Some of our users

* Web UI:

Now you can manually create the same vulnerability in several hosts at
once! Select as many targets as you want when creating your vulns.

 - Add vuln to multiple targets at once

Also, we made the vulnerability creation modal more consistent with
the rest of the views by starting the pagination of the targets at
page 1 instead of 0.

Changes:

- Improved Data analysis charts. Added more chart properties and data binding
- Improved target ordering in grouped reports
- Fixed bug with new line character in reports DOCX
- Adds alphabetical sort for Evidence in the Executive Report
- Fix bug updating users with no roles
- Fixed report creation with evidence names containing special chars
- Added Tasks Management to the Web UI
- Added the ability to select more than one target when creating a
vuln in the Web UI
- Merged PR #182 - problems with zonatransfer.me
- Fixed bug in Download CSV of Status report with old versions of Firefox
- Fixed formula injection vulnerability in export to CSV feature
- Fixed DOM-based XSS in the Top Services widget of the dashboard
- Fix in AppScan plugin
- Fix HTML injection in Vulnerability template
- Add new plugin: Junit XML
- Improved pagination in new vuln modal of status report
- Added "Policy Violations" field for Vulnerabilities

We hope you enjoy it, and let us know if you have any questions or comments.

Come to #BHUSA - Mandalay Bay - Business Hall (July 26th - 27th)
We will be at booth IC43
https://www.blackhat.com/us-17/event-sponsors.html#faraday

https://www.faradaysec.com
https://github.com/infobyte/faraday
https://twitter.com/faradaysec
https://forum.faradaysec.com/
https://www.faradaysec.com/ideas

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
