Faraday Blackhat 2011 Arsenal

http://www.infobytesec.com

Francisco Amato – Federico Kirschbaum Faraday

BlackHat Arsenal 2011

Introduction

http://www.infobytesec.com

Faraday

• Open Source Penetration test IDE. • Looks like a simple terminal • Parsing input/output • Plugins • Multiuser • Distributing, indexation and analysis of the generated knowledge in a penetration test.

Plugins

http://www.infobytesec.com

Faraday

metasploit hydra nikto w3af nessus nmap openvas arachni amap propecia

dnsenum dnswalk listurl ping reverseraider whois dnsmap fierce Wapiti owasp zap

dnsrecon goohost metagoofil theharvester webfuzzer

Demo!

http://www.infobytesec.com

Faraday Demo!

TODO

http://www.infobytesec.com

Next version!

• Multi workspaces • History commands • More IDE functionality • Graphs • Reporting • More & More Plugins

Thanks!

http://www.infobytesec.com

Contact

Francisco Amato [email protected] @famato

Federico Kirschbaum [email protected] @fede_k

http://www.infobytesec.com

http://blog.infobytesec.com

http://www.ekoparty.org