Web Application Security
Check out faraday v1.0.18! New CLI mode, Jira support & bug fixes! Apr 06 2016 01:47PM
Francisco Amato (famato infobytesec com)
Today we are happy to announce that Faraday v1.0.18 is ready!

A short iteration, filled with small powerups - brand new CLI mode
allows you to process reports in batch, new helpers and plugin fixes.

We know that our users rely on a lot of different systems and
solutions and we want to integrate Faraday in that workflow. In that
order we added the ability to easily export data into a JIRA
installation, allowing users to share the findings between the
security engineering, devops and development teams. In order to do
this, we added a new layer between Faraday and the database, making
our product more robust than ever. Expect a lot of new features in
this direction in the near future!


* Experimental JIRA integration - just enable Faraday Proxy Server:
https://github.com/infobyte/faraday/wiki/Faraday-Server#proxy, go to
our Status Report to select the desired vulns and click on the JIRA
button! Read more about it here:
* Added Faraday Proxy Server, a proxy between CouchDB and Faraday,
read about how to setup and run
* Improved Executive Report generation process
* Extended user management features

* Added CLI mode - to process the XML output of an Nessus scan located
in /tmp/nmap-scan.xmlinto the workspace named project_one run the
following command:

python2 faraday.py --cli --workspace project_one --report /tmp/nessus_scan.xml

read more about it here: https://github.com/infobyte/faraday/wiki/Usage#cli
* Now you can run as many Faraday instances as you like per host
* Added some new scripts and helpers (helpers/cfdbToCsv.py -
helpers/vulndbToCsv.py - bin/getExploits.py)

Bug fixes:

* Included all fields when editing Web Vulnerabilities in bulk mode in
our Web UI
* Fixed selection of Hosts and Services in both their lists in our Web UI
* Fixed Hosts and Services filters, when results were empty it showed
the loading icon forever, now it works as expected
* Fixed bugs in Qualys, ZAP, Nikto, w3af and OpenVAS plugins:

* ZAP - Fixed for newest report version and added Unicode support
* Nikto -Fixed for newest report version, added more data import
* Qualys - Fixed for newest report version, added more data import and
Unicode support
... and more!

We hope you enjoy it, and let us know if you have any questions or comments.

This list is sponsored by Cenzic
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus