After 3 years of development, we are releasing Faraday, a Multiuser Penetration Test IDE, Designed for collaborative data sharing, indexation and analysis of the generated knowledge during the engagement of a penetration test without changing the way you work. The main purpose of Faraday is to reuse the tools available in the community to get more advantage from them, in a multiuser way.
We are incorporating "Faraday Developer Awards" a benefit to open source developers of security tools which Faraday has fed for its functionality.
We have build a plugin system, where all the I/O from the terminal gets interpreted. If we have a plugin for the command, the output is processed and added to the knowledge base in a transparent way.
We will be releasing an Open Source version, but we are also developing a commercial version with professional features, such as reporting and advanced filters and visualizations.
The idea of the developer awards is that every buyer of a Faraday Professional & Enterprise license must necessarily select a beneficiary from a list of supported open source tools. We think this kind of support will help on the continuity of great open source security projects.
At the moment these are the projects who already have agreed to be part of the awards:
- Amap - https://www.thc.org/thc-amap/
- Arachni - http://www.arachni-scanner.com/
- dnsenum - https://code.google.com/p/dnsenum/
- Hydra - https://www.thc.org/thc-hydra/
- Medusa - http://foofus.net/goons/jmk/medusa/medusa.html
- Nikto - http://www.cirt.net/nikto2
- w3af - http://w3af.org/
- Zap - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project