Release v4.3.5
Offensive SecurityVulnerability ManagementLatest Release
May 4, 2023
We are happy to share the latest updates of our vulnerability management platform.
Faraday v4.3.5 is here!
It has been planned with our customers in mind. We are redefining productivity and making our platform more powerful and user-friendly than ever to enhance your experience securing your systems.
Web Application pentesting: a guide
Offensive SecurityRed teamPentestingVulnerability Management
April 20, 2023
In Security, the concept of attack-surface (or attack surface) refers to the set of entry points that an attacker can use to access a system or application and carry out an attack. In other words, it is the complete map in which a system or application can be violated. They may include software vulnerabilities, insecure configurations, unauthorized access, open ports, application programming interfaces (APIs), among others. The larger the attack surface of a system or application, the greater the risk that an attacker could exploit a vulnerability and compromise the security of the system.
Nuclei: Attack Surface with Faraday
Offensive SecurityRed teamPentestingVulnerability Management
April 6, 2023
In Security, the concept of attack-surface (or attack surface) refers to the set of entry points that an attacker can use to access a system or application and carry out an attack. In other words, it is the complete map in which a system or application can be violated. They may include software vulnerabilities, insecure configurations, unauthorized access, open ports, application programming interfaces (APIs), among others. The larger the attack surface of a system or application, the greater the risk that an attacker could exploit a vulnerability and compromise the security of the system.
Yara rule and some python scripts for detection and sanitization of Acropalypse (CVE-2023-21036) affected PNG images
Offensive SecurityPentestingVulnerability Management
March 23, 2023
We have just released a YARA to detect vulnerable images of Acropalypse in scale. We also added a sanitization script to remove extra information from PNG files.
Automating Security Tasks
Offensive SecurityRed teamPentestingVulnerability Management
March 16, 2023
In this second part (part one), we will show a step by step of a security analysis having in mind a basic methodology:
- Perform a passive recognition of the target
- Go through an active recognition
- Identify vulnerabilities coming from an automatic scanning
- Exploit these vulnerabilities
- Wrap up with an executive report
DevSecOps: a thread
Vulnerability ManagementCybersec
March 1, 2023
Let's talk about security into the software development lifecycle. DevSecOPS elp you identify and mitigate security risks early in the development process, reducing the chance of a breach and improving the overall security of their apps.