Rethink Vulnerability Management

Faraday Blog

Create Resistance. Be one step ahead. A security platform to manage everything from one place.

Good practices in Cybersecurity – Part 3

Good security practices go hand in hand with automation, integration, and collaboration. As dynamic as the threat landscape is, so must our strategy be. With over 26 thousand vulnerabilities reported last year, it’s now more important than ever to shift security from left to right, and then everywhere.

Read More

Good practices in Cybersecurity – Part 2

Nowadays, we can distinguish various branches within a security team Red Teams, Blue Teams, Purple Teams & Bug Hunters.
But what does each team do?
This difference in colors, adding a new category related to bug bounty, makes us think about common tasks that all these approaches can have within a company; and the truth is, they have a lot. First, let's talk about the definition of each one.

Read More

First steps in cybersecurity: scan your domain

Pentesters use a comprehensive and complete toolkit to expose different platforms and evaluate the security of an IT infrastructure. They safely try to exploit vulnerabilities and are experts at reporting failures, data leakage, or other vulnerabilities.
In this post, we present these tools and the several ways they can be applied.

Read More

Las Vegas 2023 recap

Another Las Vegas season has passed, and it's been a blast!
We met some awesome folks, clients, and pentesters at the Black Hat and DefCon conferences, our team rocked both events, and the Get-together was lots of fun.

Read More

EmploLeaks: Finding Leaked Employees Info for the Win

we developed an internal tool that displayed great potential, leading us to make it open source. Since then, we have continually developed the tool, with the latest version recently pushed to the repository. Our current focus is on ensuring that the application flow is efficient, and we are diligently addressing any bugs that arise as soon as possible. This is an ongoing process, and we are committed to providing a high-quality tool that is reliable and meets the needs of the community. As we proceed with development, we welcome feedback and contributions from users to help us enhance the tool further.

Read More

Tips Nmap Script Engine

Nmap (Network Mapper) is a popular network scanner that allows discovering ports and services, providing relevant information about a network. In addition to basic port scanning, Nmap offers a wide range of options and advanced functionalities. It can perform TCP, UDP, and SCTP scans, operating system detection scans, service version detection, script scans, and much more. It also allows customization of scans and generation of detailed reports.

Read More