Rethink Vulnerability Management

Faraday Blog

Create Resistance. Be one step ahead. A security platform to manage everything from one place.

SADProtocol goes to Hollywood

This research project started when Javier’s wife, our ex Research leader, told him their IP camera had stopped working. Javier was asked to fix it, but, as a security researcher, the temptation was too great. He brought the camera to the office and discussed the problem with Octavio, another security researcher at Faraday. The situation quickly escalated from some light reverse engineering to a full-fledged vulnerability research project, which ended with two high-severity bugs and an exploitation strategy worthy of the big screen.

Read More


First steps in cybersecurity: scan your domain

Pentesters use a comprehensive and complete toolkit to expose different platforms and evaluate the security of an IT infrastructure. They safely try to exploit vulnerabilities and are experts at reporting failures, data leakage, or other vulnerabilities.
In this post, we present these tools and the several ways they can be applied.

Read More


Visualize findings and understand your security posture

Our risk scoring system goes beyond mere criticality analysis, pinpointing precisely where real vulnerabilities lie. It offers a straightforward representation, not just an objective evaluation framework, but a curated set of filters tailored to prioritize based on specific contexts. Prioritization becomes a time-saving asset; now, you can filter vulnerabilities from a hacker's perspective.

Read More


Use Slash Command in Slack to interact with Faraday

In this blog, we are going to create a Slack app to allow us to interact with Faraday API using its known Slash Commands. This allows for flexibility in performing various security tasks and queries directly from Slack. Providing visibility into Faraday's data and functionality within the Slack environment. Helping security teams stay informed.

Read More


A three-hour session about hacking by our CEO, Federico Kirschbaum

It's true that cybersecurity is primarily something developed by governments and large, regulated companies. If these entities with vast resources, hefty budgets, and seniority still experience breaches, what's left for the rest of us?
Whether it's a company with 10,000 employees or one with just five, they both face exactly the same attack.

Read More


Optimize reporting by integrating Faraday into Zoho.

Integrating Zoho CRM, Zoho Projects, and Faraday into your penetration test service workflow can significantly streamline the process from lead generation to delivering the final report to the client. This well-coordinated approach enhances efficiency, communication, and client satisfaction throughout the engagement. By following the steps outlined in this blog post, you can effectively manage penetration test projects and maintain a high standard of service delivery.

Read More