Managing vulnerabilities is now easier in Faraday!
With the new update it is now possible to check the status of an issue – this could be opened, closed, re-opened or the risk is accepted.
If you set a vulnerability status as closed and later on when you re-scan the target the same issue is found again, the status will automatically change into re-opened allowing you to have a more granular view of the results of your scans. This is perfect for doing remediation retests, helping you to quickly understand what is still vulnerable.
Also, issues created by a specific tool, can now be filtered and sorted out. A great way to see where are the sources of information used during an engagement.
For example, as we can see in the following screenshots, we have three different issues that are closed . After we import a Nessus scan the issues are marked as re-opened , indicating that the vulnerability is still present in the last scan.
1. Closed issues
2. Re-opened by Nessus scan import
- Added a message to configure the Webshell – added a descriptive message for users who don’t have the Webshell properly configured
Webshell configuration message
- New library to connect with Faraday Server
- Fixed Fplugin, now it uses the new library to communicate with the Server
- New fields for Vulnerabilities: plugin creator and status
- Refactor in Faraday Core and GTK Client
- Bug fixing in Faraday Client and Server
- News boxes example in the WEB UI
- New plugins: Dirb, Netdiscover, FruityWifi, Sentinel
- Improvements on the WPscan plugin
- Fixed Licenses search – there was a bug that disabled the option to search for licenses, now it is fixed and full-text search is enabled in the Licenses component