Open source vulnerability management platform for organizing, normalizing, and visualizing security findings
GPL-3.0
- Python
- Nix
- JavaScript

About Faraday
Faraday is a vulnerability manager for security teams that need to organize findings from many tools in one place. It handles the work after discovery by aggregating results, normalizing data, and keeping multiuser work organized so you can focus on finding issues.
It runs from the terminal and accepts output from tools and reports such as Nmap and Burp XML. Faraday provides dashboards and visualizations for managers and analysts, a direct API, and plugins that import previously generated artifacts and connect more than 80 tools.
Deployment options include Docker Compose, a Python package install, and downloadable .deb and .rpm packages, with a browser-based interface on port 5985. A command line client automates scans and integrates Faraday into CI/CD pipelines.
Key features
- Aggregates and normalizes findings from multiple tools
- Multiuser workflow for vulnerability data
- Terminal-based CLI for running tools and reporting results
- Imports XML and JSON artifacts through report plugins
- Provides visualizations for managers and analysts
Details
- First released: 2013
- Platforms: Docker · CLI
- Deployment: self-hostable · docker
- API: Direct API access
- Packaging: Docker Compose · PyPI · .deb · .rpm
- Data handling: Aggregates and normalizes findings
