Skip to content

Releases: infobyte/faraday

Minor release

27 Aug 18:45
@llazzaro llazzaro
v3.0.1
680807f
Compare
Choose a tag to compare
Minor release

Updated code to use Flask 1.0
Add threadfix integration (corp only)
Fix create_service fplugin
Executive report bug fix on tags
Persistence server bug fix on impact and ease of resolution
Fix unicode error bug on executive reports
Updated code to support latest Twisted version
Updated all requirements to use >=
Fix dry run on create_host fplugin
Fixed del_all_vulns_with and del_all_hosts
Improved executive reports status update refresh
Websocket port is configurable now
Change minimum font size in tag cloud
Fixed a problem with shodan icon on dashboard
Updated license check on deleted users
Users with role client was not able to change password, bug fixed
Updated code to support pip 10
Added ldap to status check
Credentials icon aligned
Deamon now allows to execute faraday sever in more than one port and more than one process for multiplexation
All views now check for permissions on workspace
Pull requests #229, #231, #239 and #240 are merged
Avoid polling deleted executive reports
Added documentation to project
Fix self xss on webshell
Add postgres locks check on status_check
Vuln counter fix when confirmed is on

Assets 2
Loading

v3.0

26 Jul 20:00
@llazzaro llazzaro
v3.0
6c5ae9a
This commit was signed with the committer’s verified signature. The key has expired.
llazzaro Leonardo Lazzaro
GPG key ID: D402C15AC433BC0E
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.0

July 26, 2018:

  • Interface removed from model and from persistence server lib (fplugin)
  • Performance iprovements on the backend
  • Add quick change workspace name (from all views)
  • Changed the scope field of a workspace from a free text input to a list of targets
  • New faraday styles in all webui views
  • Add search by id for vulnerabilities
  • Add new plugin sslyze
  • Add new plugin wfuzz
  • Add xsssniper plugin
  • Fix W3af, Zap plugins
  • Add brutexss plugin
  • Allow to upload report file from external tools from the web
  • Fix sshcheck import file from GTK
  • Add reconng plugin
  • Add sublist3r plugin
  • Add HP Webinspect plugin
  • Add dirsearch plugin
  • Add ip360 plugin
  • CouchDB was replaced by PostgreSQL :)
  • Host object changed, now the name property is called ip
  • Interface object was removed
  • Note object was removed and replaced with Comment
  • Communication object was removed and replaced with Comment
  • Show credentials count in summarized report on the dashboard
  • Remove vuln template CWE fields, join it with references
  • Allow to search hosts by hostname, os and service name
  • Allow the user to specify the desired fields of the host list table
  • Add optional hostnames, services, MAC and description fields to the host list
  • Workspace names can be changed from the Web UI
  • Exploitation and severity fields only allow certain values. CWE CVEs were fixed to be valid. A script to convert custom CSVs was added.
  • Web UI path changed from /_ui/ to / (_ui has now a redirection to / for keeping backwards compatibility)
  • dirb plugin creates an informational vulnerability instead of a note.
  • Add confirmed column to exported csv from webui
  • Fixes in Arachni plugin
  • Add new parameters --keep-old and --keep-new for faraday CLI
  • Add new screenshot fplugin which takes a screenshot of the ip:ports of a given protocol
  • Add fix for net sparker regular and cloud fix on severity
  • Removed Chat feature (data is kept inside notes)
  • Add CVSS score to reference field in Nessus plugin.
  • Fix unicode characters bug in Netsparker plugin.
  • Fix qualys plugin.
  • Fix bugs with MACOS and GTK.
Assets 2
Loading

Version 2.7.2

10 Apr 21:46
@Ezequieltbh Ezequieltbh
v2.7.2
b52b50a
Compare
Choose a tag to compare
Version 2.7.2

April 10, 2018:

  • Fix bug with tornado version 5.0 and GTK client.
Assets 2
Loading

Version 2.7.1

17 Nov 22:19
@Ezequieltbh Ezequieltbh
v2.7.1
0734fa9
Compare
Choose a tag to compare
Version 2.7.1

November 17, 2017:

  • Fix bug with tags in models.
Assets 2
Loading

Version 2.7

08 Nov 22:05
@Ezequieltbh Ezequieltbh
v2.7
e7adb31
Compare
Choose a tag to compare
Version 2.7
  • Added "Last modified" and "Created" in Hosts view
  • Fixed bug when trying to run Faraday as second process and closing the terminal (&!)
  • Fixed bug where it asked for dependencies eternally when you have a different version than the one required
  • Fixed small bug in the update_from_document method
  • Fixed bug, makes the python library dependencies specific to the desired version
  • Fixed GitHub language bar to reflect real code percentage
  • Merge PR #195: Create gentoo_requirements_extras.txt (New Github wiki page)
  • Merge PR #225: Add references to found vulnerabilities in nmap plugin
  • New plugin: Netsparker cloud
  • New plugin: Lynis (Winner of Faraday Challenge 2017)
  • New Fplugin: changes the status of all vulnerabilities of an specific workspace to closed
  • New Fplugin: combines the "create_interface" and "create_host" scripts into one (create_interface_and_host script)
  • New Fplugin: import_csv , now you can import Faraday objects from a CSV
Assets 2
Loading

v2.6.3

17 Oct 18:28
@micabot micabot
v2.6.3
efdb266
Compare
Choose a tag to compare
v2.6.3
  • Updated Core Impact plugin to be compatible with 2016 version
  • Improved loading of fields request and website in Burp Plugin
  • Improved Nexpose Full plugin
  • Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions
Assets 2
Loading

v2.6.2

09 Aug 21:41
@micabot micabot
v2.6.2
df37644
Compare
Choose a tag to compare
v2.6.2 
Merge branch community
Assets 2
Loading

v2.6.1

08 Aug 20:57
@micabot micabot
v2.6.1
2528b4e
Compare
Choose a tag to compare
v2.6.1
  • Updated Core Impact plugin to be compatible with 2016 version
  • Improved loading of fields request and website in Burp Plugin
  • Improved Nexpose Full plugin
  • Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions
Assets 2
Loading

v2.6.0

24 Jul 19:32
@micabot micabot
v2.6.0
8b34d77
Compare
Choose a tag to compare
v2.6.0
  • Added the ability to select more than one target when creating a vuln in the Web UI
  • Merged PR #182 - problems with zonatransfer.me
  • Fixed bug in Download CSV of Status report with old versions of Firefox.
  • Fixed formula injection vulnerability in export to CSV feature
  • Fixed DOM-based XSS in the Top Services widget of the dashboard
  • Fix in AppScan plugin.
  • Fix HTML injection in Vulnerability template.
  • Add new plugin: Junit XML
  • Improved pagination in new vuln modal of status report
  • Added "Policy Violations" field for Vulnerabilities
Assets 2
Loading

v2.5.0

26 May 18:50
@micabot micabot
v2.5.0
090be30
Compare
Choose a tag to compare
v2.5.0
  • Fixed bug when editing workspaces created in GTK
  • Improved host search in the WEB UI
  • Extended the config to support different searching engines in the WEB UI
  • Check that client and server versions match when connecting
  • Adds the 'v' and 'version' argument for both the server and the client
  • Fixed "refresh" button in the Web UI
  • Fix API on /ws/ with duration object None
  • Added a CRUD for Credentials to the Web UI
  • Bug fixes on the Burp Online Plugin
  • Added a script to connect with Reposify
  • Fixed Hostname import in Nessus Plugin
  • Make plugin methods log() and devlog() work again
  • Fixed bug in SQLMap plugin that made the client freeze
  • Improved SQLMap plugin to support more options and to show errors in GTK log console
  • Fixed bug when creating/updating Credentials
  • Improve plugins usage of vulnweb URL fields
  • Fixed order of Report Plugins in the GTK import list
Assets 2
Loading