The information in this document applies to version 7.0.10 of Syhunt Hybrid.
The Faraday plugin for Syhunt has been included with the last release of Faraday. Currently Syhunt results can be uploaded through Faraday's web UI, CLI and REST API.
Faraday is a platform that allows teams to manage their attack surface from a single place while automating and accelerating key steps of vulnerability management. It orchestrates an otherwise overwhelming amount of security tools and procedures available into a single, simple process. Syhunt can be configured to automatically connect to Faraday server API and submit a SAST or DAST report.
Configuring the integration with Faraday is an easy task and after that vulnerabilities can be automatically submitted to its dashboard.
Firstly, you have to add a Faraday tracker:
https://yourdashboard.apps.faradaysec.com/
The tracker is ready! Right click the item you just edited in the list and click the Submit Test option. If you configured everything properly, a test scan item should be created at https://yourdashboard.apps.faradaysec.com/
. If not, you will see an error message giving a hint of what needs to be done.
Finally, associate the Faraday tracker to a scan:
If you are using the CLI version of Syhunt, you can add the tracker using the commands indicated below.
-- Example 1 - Adding a new Faraday tracker
scancore -tracker:add
-- Specify the type Faraday and the name of the tracker, and press enter
-- Configure the tracker
scancore -tracker:set to:mytrackername -key:api.url -v:"https://yourdashboard.apps.faradaysec.com/"
scancore -tracker:set to:mytrackername -key:auth.username.encrypted -v:yourusername
scancore -tracker:set to:mytrackername -key:auth.password.encrypted -vsecret
-- Testing the tracker
scancore -tracker:send -tid:TEST -to:mytrackername
For additional product documentation, visit syhunt.com/docs