Collaborative Penetration Test and Vulnerability Management Platform
Clone or download
Failed to load latest commit information.
.github Merge branch 'white/migration' Jul 26, 2018
apis Bug Fix localhost, no ports available Sep 5, 2018
bin [ADD] Checks the non-web vuln to be added already exists Sep 11, 2018
config Add changes to hotfix version. Sep 20, 2018
data Delete bad file cwe_all.csv Jul 23, 2018
debian Updated dependencies Feb 10, 2017
doc Document workspaced mixins Aug 14, 2018
gui Fix bug #5157, bad response in gtk Sep 7, 2018
helpers Fix path calculation on Jun 15, 2018
managers Fix bug with report reading in report manager Aug 29, 2018
migrations [ADD] .gitignore to migrations/versions/ to add folder in pulls Jun 11, 2018
model Bug Fix localhost, no ports available Sep 5, 2018
nix Add alembic to server dependencies Jun 8, 2018
persistence [FIX] Add various response codes expected in _unsafe_io_with_server, … Aug 6, 2018
plugins Merge remote-tracking branch 'origin/supp_white_4896_plugin_wapiti_up… Sep 6, 2018
scripts Merge remote-tracking branch 'origin/sup_white_5142_cscan_nessus_upda… Sep 12, 2018
server Merge branch 'tkt_white_5196_fix_initdb' into white/dev Sep 20, 2018
test_cases [ADD] Backend regex control and tests Sep 4, 2018
tests_web Remove deprecated fields sdate, fdate in Workspace Dec 4, 2017
utils Fix bug in the client exception handler Aug 7, 2018
zsh Create fplugin alias if running in nogui mode with no faraday path se… Feb 17, 2017
.gitattributes Add .gitattributes file Aug 9, 2017
.gitignore Merge branch 'white/migration' into mig_white_4364_document_api Jul 3, 2018
AUTHORS Add eric as main dev on AUTHORS Sep 14, 2018
Jenkinsfile Fix unclosed brace in Jenkinsfile Aug 16, 2018 Update with new screenshots Jul 23, 2018 Add changes to hotfix version. Sep 20, 2018
VERSION Add changes to hotfix version. Sep 20, 2018 Changing Faraday banner Feb 26, 2015
alembic.ini Add alembic migrations. InitDB updates alembic.ini sqlalchemy.url May 9, 2018
credentials.json Add credentials.json file Nov 27, 2017
default.nix Refactor nix files Apr 11, 2018 [FIX] if missing --port sets 5895 as string Sep 3, 2018
faraday-terminal.zsh Fix zsh path in faraday-terminal.zsh Aug 7, 2018 Fixed some typos from and Aug 9, 2018 add postgresql to Jul 20, 2018 Merge branch 'white/dev' of into white/dev Sep 11, 2018
requirements.txt [MOD] Accepting Flask 1.0 in white Jul 30, 2018
requirements_dev.txt More changes to developer documentation Aug 13, 2018
requirements_extras.txt Remove duplicated item in requirements_extras Jun 29, 2018
requirements_server.txt Add click to dependencies Aug 21, 2018
shell.nix Fix GTK open report dialog in nix Aug 8, 2018


Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Made for true pentesters!

Faraday was made to let you take advantage of the available tools in the community in a truly multiuser way.

Designed for simplicity, users should notice no difference between their own terminal application and the one included in Faraday. Developed with a specialized set of functionalities, users improve their own work. Do you remember the last time you programmed without an IDE? What IDEs are to programming, Faraday is to pentesting.


Faraday crunches the data you load into different visualizations that are useful to managers and pentesters alike.

GUI - Web

To read about the latest features check out the release notes!

Getting Started!

Check out our documentacion for datailed information on how to install Faraday in all of our supported platforms:

Supported Os

To begin the instalation process check our out First Step Wiki.

New Features!

All of Faraday's latest features and updates are always available on our blog. There are new entries every few weeks, don't forget to check out our amaizing new improvements on it's last entry!

Plugins list

You feed data to Faraday from your favorite tools through Plugins. Right now there are more than 60+ supported tools, among which you will find:

There are three Plugin types: console plugins which intercept and interpret the output of the tools you execute, report plugins which allows you to import previously generated XMLs, and online plugins which access Faraday's API or allow Faraday to connect to external APIs and databases.

Read more about Plugins.



Information is organized into various Workspaces. Each Workspace contains a pentest team's assignments and all the intel that is discovered.


If two plugins produce clashing information for an individual element, a conflict that the user will have to resolve is generated. An example is if user1 incorporates host OS:Linux and user2 incorporates OS: Linux Ubuntu 13.10.

On our GTK interface there's a button on the bottom right corner of the main window displaying the number of conflicts in the current workspace. To resolve them, just click on the button and a window will open where you can edit the conflicting objects and select which one to keep.

Faraday plugin

Using our plugin you can perform various actions using the command line, for example:

$ cd faraday-dev/bin/
$ ./fplugin create_host Android
$ ./fplugin filter_services http ssh -p 21 -a
Filtering services for ports: 21, 22, 80, 443, 8080, 8443    ssh     [22]    tcp open    None    http    [443]   tcp open    None    ssh     [22]    tcp open    Linux    http    [443]   tcp open    Linux   ssh     [22]    tcp open    Linux

Read more about the Faraday Plugin.


Updating objects on other Faraday instances result in notifications on your Faraday GTK Client.

CSV Exporting

Faraday supports CSV Exporting from its WEB UI. More information