Faraday v3.4 - Collaborative Penetration Test and Vulnerability Management Platform
Here’s the main new features and improvements in Faraday v3.4:
Services can now be tagged. With this new feature, you can now easily identify important services, geolocate them and more.
New search operators OR/NOT
In a previous release we added the AND operator, now with 3.4 you can also use OR and NOT operators in the Status Report search box.
This will allow you to find vulnerabilities easily with filters like this one:
(severity:critical or severity:high) or name:”MS18-172”
Performance improvements for big workspaces
We have been working on optimization for our API Rest endpoints to support millions of vulnerabilities in each workspace.
Here is the full change log for version 3.4
- In GTK, check active_workspace it's not null
- Add fbruteforce services fplugin
- Attachments can be added to a vulnerability through the API.
- Catch gaierror error on lynis plugin
- Add OR and NOT with parenthesis support on status report search
- Info API now is public
- Web UI now detects Appscan plugin
- Improve performance on the workspace using custom query
- Workspaces can be set as active/disable in the welcome page.
- Change Nmap plugin, response field in VulnWeb now goes to Data field.
- Update code to support latest SQLAlchemy version
- Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns
- The client can set a custom logo to Faraday
- Centered checkboxes in user list page
- Client or pentester can't activate/deactivate workspaces
- In GTK, dialogs now check that user_info is not False
- Add tags in Service object (Frontend and backend API)
- Limit of users only takes the active ones
- Improve error message when the license is not valid