{"id":13430868,"url":"https://github.com/infobyte/faraday","last_synced_at":"2025-05-12T05:20:45.616Z","repository":{"id":11653253,"uuid":"14160461","full_name":"infobyte/faraday","owner":"infobyte","description":"Open Source Vulnerability Management Platform","archived":false,"fork":false,"pushed_at":"2025-05-08T04:17:44.000Z","size":300071,"stargazers_count":5395,"open_issues_count":54,"forks_count":970,"subscribers_count":256,"default_branch":"master","last_synced_at":"2025-05-12T02:39:02.627Z","etag":null,"topics":["appsec","burpsuite","collaboration","continuous-scanning","cve","cybersecurity","devops","devsecops","infosec","nessus","nmap","orchestration","penetration-testing","pentesting","security","security-audit","security-automation","vulnerability","vulnerability-management","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"https://www.faradaysec.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/infobyte.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG/3.10.1/community.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2013-11-06T02:07:23.000Z","updated_at":"2025-05-11T23:00:30.000Z","dependencies_parsed_at":"2024-01-02T17:48:45.350Z","dependency_job_id":"a52394e6-9e65-467f-9fd4-5f31cfea5b21","html_url":"https://github.com/infobyte/faraday","commit_stats":{"total_commits":9314,"total_committers":95,"mean_commits":98.0421052631579,"dds":0.8606398969293536,"last_synced_commit":"57fe1a600c923050fad1ab2be8a152457a3d5432"},"previous_names":[],"tags_count":102,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infobyte%2Ffaraday","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infobyte%2Ffaraday/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infobyte%2Ffaraday/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infobyte%2Ffaraday/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/infobyte","download_url":"https://codeload.github.com/infobyte/faraday/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253672696,"owners_count":21945480,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","burpsuite","collaboration","continuous-scanning","cve","cybersecurity","devops","devsecops","infosec","nessus","nmap","orchestration","penetration-testing","pentesting","security","security-audit","security-automation","vulnerability","vulnerability-management","vulnerability-scanners"],"created_at":"2024-07-31T02:00:58.582Z","updated_at":"2025-05-12T05:20:45.574Z","avatar_url":"https://github.com/infobyte.png","language":"Python","readme":"# ![logo](./docs/images/faraday_logo.svg)\n![](https://img.shields.io/twitter/follow/faradaysec)\n![](https://img.shields.io/docker/pulls/faradaysec/faraday)\n---\n\n\n### Open Source Vulnerability Manager\n\nSecurity has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on the run.\nFaraday was made to let you take advantage of the available tools in the community in a truly multiuser way.\n\nFaraday aggregates and normalizes the data you load, allowing exploring it into different visualizations that are useful to managers and analysts alike.\n\n![manage](./docs/images/manage.png)\n![dashboard](./docs/images/dashboard.png)\n\n\n\n\nTo read about the latest features check out the [release notes](https://github.com/infobyte/faraday/blob/master/RELEASE.md)!\n\n\n## Install\n\n---\n\n### Docker-compose\n\nThe easiest way to get faraday up and running is using our docker-compose\n\n```shell\n$ wget https://raw.githubusercontent.com/infobyte/faraday/master/docker-compose.yaml\n$ docker-compose up\n```\nIf you want to customize, you can find an example config over here [Link](https://docs.faradaysec.com/Install-guide-Docker/)\n\n\n### Docker\n\nYou need to have a [Postgres](https://github.com/infobyte/faraday/wiki/Install-Guide)  running first.\n\n```shell\n $ docker run \\\n     -v $HOME/.faraday:/home/faraday/.faraday \\\n     -p 5985:5985 \\\n     -e PGSQL_USER='postgres_user' \\\n     -e PGSQL_HOST='postgres_ip' \\\n     -e PGSQL_PASSWD='postgres_password' \\\n     -e PGSQL_DBNAME='postgres_db_name' \\\n     faradaysec/faraday:latest\n  ```\n\n### PyPi\n```shell\n$ pip3 install faradaysec\n$ faraday-manage initdb\n$ faraday-server\n```\n\n### Binary Packages (Debian/RPM)\nYou can find the installers on our [releases page](https://github.com/infobyte/faraday/releases)\n\n```shell\n$ sudo apt install faraday-server_amd64.deb\n# Add your user to the faraday group\n$ faraday-manage initdb\n$ sudo systemctl start faraday-server\n```\n\nAdd your user to the `faraday` group and then run\n\n### Source\nIf you want to run directly from this repo, this is the recommended way:\n\n```shell\n$ pip3 install virtualenv\n$ virtualenv faraday_venv\n$ source faraday_venv/bin/activate\n$ git clone git@github.com:infobyte/faraday.git\n$ pip3 install .\n$ faraday-manage initdb\n$ faraday-server\n```\n\nCheck out our documentation for detailed information on how to install Faraday in all of our supported platforms\n\nFor more information about the installation, check out our [Installation Wiki](https://github.com/infobyte/faraday/wiki/Install-Guide).\n\n\nIn your browser now you can go to http://localhost:5985 and login with \"faraday\" as username, and the password given by the installation process\n\n## Getting Started\n\n---\n\nLearn about Faraday holistic approach and rethink vulnerability management.\n\n- [Centralize your vulnerability data](https://faradaysec.com/centralize-vulnerability-data/)\n- [Automate the scanners you need](https://faradaysec.com/automate-scanners/)\n\n### Integrating faraday in your CI/CD\n\n**Setup Bandit and OWASP ZAP in your pipeline**\n- [GitHub](https://faradaysec.com/wp-content/whitepapers/Integrating%20Faraday%20-%20Part%20One.pdf) [PDF]\n- [Jenkins](https://faradaysec.com/wp-content/whitepapers/Integrating%20Faraday%20-%20Part%20Two.pdf) [PDF]\n- [TravisCI ](https://faradaysec.com/wp-content/whitepapers/Integrating%20Faraday%20-%20Part%20Three.pdf) [PDF]\n\n**Setup Bandit, OWASP ZAP and SonarQube in your pipeline**\n- [Gitlab](https://faradaysec.com/wp-content/whitepapers/Integrating%20Faraday%20-%20Part%20Four.pdf) [PDF]\n\n## Faraday Cli\n\n---\n\nFaraday-cli is our command line client, providing easy access to the console tools, work in faraday directly from the terminal!\n\nThis is a great way to [automate scans](https://docs.faraday-cli.faradaysec.com/),  integrate it to [CI/CD pipeline](https://docs.faraday-cli.faradaysec.com/)  or just get [metrics](https://docs.faraday-cli.faradaysec.com/) from a workspace\n\n```shell\n$ pip3 install faraday-cli\n```\n\nCheck our [faraday-cli](https://github.com/infobyte/faraday-cli) repo\n\nCheck out the documentation [here](https://docs.faraday-cli.faradaysec.com/).\n\n\n![Example](./docs/images/general.gif)\n\n## Faraday Agents\n\n---\n\n[Faraday Agents Dispatcher](https://github.com/infobyte/faraday_agent_dispatcher) is a tool that gives [Faraday](https://www.faradaysec.com) the ability to run scanners or tools remotely from the platform and get the results.\n\n\n\n\n## Plugins\n\n---\n\nConnect you favorite tools through our [plugins](https://github.com/infobyte/faraday_plugins). Right now there are more than [80+ supported tools](https://github.com/infobyte/faraday/wiki/Plugin-List), among which you will find:\n\n![](./docs/images/plugins.jpg)\n\nMissing your favorite one? [Create a Pull Request](https://github.com/infobyte/faraday_plugins/issues)!\n\nThere are two Plugin types:\n\n**Console** plugins which interpret the output of the tools you execute.\n\n```shell\n$ faraday-cli tool run \\\"nmap www.exampledomain.com\\\"\n💻 Processing Nmap command\nStarting Nmap 7.80 ( https://nmap.org ) at 2021-02-22 14:13 -03\nNmap scan report for www.exampledomain.com (10.196.205.130)\nHost is up (0.17s latency).\nrDNS record for 10.196.205.130: 10.196.205.130.bc.example.com\nNot shown: 996 filtered ports\nPORT     STATE  SERVICE\n80/tcp   open   http\n443/tcp  open   https\n2222/tcp open   EtherNetIP-1\n3306/tcp closed mysql\nNmap done: 1 IP address (1 host up) scanned in 11.12 seconds\n⬆ Sending data to workspace: test\n✔ Done\n\n```\n\n\n**Report** plugins which allows you to import previously generated artifacts like XMLs, JSONs.\n\n```shell\nfaraday-cli tool report burp.xml\n```\n\nCreating custom plugins is super easy, [Read more about Plugins](http://github.com/infobyte/faraday/wiki/Plugin-List).\n\n\n## API\n\n---\nYou can access directly to our API,\ncheck out the documentation [here](https://api.faradaysec.com/).\n\n\n## Links\n\n* Homepage: [faradaysec.com](https://www.faradaysec.com)\n* Documentation: [Faraday Docs](https://docs.faradaysec.com)\n* Download: [Download .deb/.rpm from releases page](https://github.com/infobyte/faraday/releases)\n* Issue tracker and feedback: [Github issue tracker](https://github.com/infobyte/faraday/issues)\n* Frequently Asked Questions: [FaradaySEC FAQ](https://docs.faradaysec.com/FAQ/)\n* Twitter: [@faradaysec](https://twitter.com/faradaysec)\n* Try one of our [Demos](https://cloud.faradaysec.com/cloud/trial/request)\n","funding_links":[],"categories":["JavaScript","Tools","Python","Uncategorized","Orchestration","Dependency intelligence","🔒 Security \u0026 Privacy","Vulnerability Management","Multi-paradigm Frameworks","JavaScript (485)","\u003ca id=\"5dd93fbc2f2ebc8d98672b2d95782af3\"\u003e\u003c/a\u003e工具","Инструменты","vulnerability-scanners","security","漏洞库_漏洞靶场","\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","BUG BOUNTY / SECURITY RESEARCH","Tools:","Synopsis","Awesome Penetration Testing (\"https://github.com/Muhammd/Awesome-Pentest\")","Security"],"sub_categories":["Multi-paradigm Frameworks","Uncategorized","Vulnerability information exchange","Network Security","Intentionally Vulnerable Systems as Docker Containers","\u003ca id=\"2051fd9e171f2698d8e7486e3dd35d87\"\u003e\u003c/a\u003e渗透多合一\u0026\u0026渗透框架","Vulnerability Management","资源传输下载","Docker Containers of Penetration Testing Distributions and Tools","Forensics","Reporting \u0026 Collaboration","Table of Contents","Tools","CI/CD"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfobyte%2Ffaraday","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finfobyte%2Ffaraday","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfobyte%2Ffaraday/lists"}