Reports not imported for plugins Dnsmap, SQLmap, Skipfish.

infobyte / faraday

Open Source Vulnerability Management Platform

https://www.faradaysec.com

GNU General Public License v3.0

4.86k stars 892 forks source link

Reports not imported for plugins Dnsmap, SQLmap, Skipfish. #327

Open Thilaknath opened 5 years ago

Thilaknath commented 5 years ago

Issue Type

Bug Re port

Faraday version

v3.3

Component Name

Reporting

Steps to reproduce

1) Execute scans using any of the tools above, The report produced is not able to be imported in to faraday. Faraday imports the result and identifies no vulnerabilities found while there are lot of information found by the tools.

This defeats the purpose of having Faraday as the reports are not being consolidated at one point

Expected results

1) Faraday should be able to parse the finding and list them in the dashboard.

llazzaro commented 5 years ago

Hi, Are you using web upload? We currently not support al plugins via wbe interface

Thanks,

Thilaknath commented 5 years ago

@llazzaro No i am using the faraday client and also tried placing the reports following the report convention in the workspace folder.

1) SQLmap : The findings are written to a log file, Despite configuring the path of SQL map Faraday doesn't parse the results 2) Skipfish generates a html report. If i try to parse it through the client skipfish plugin (It says nothing found) Despite the results containing multiple vulnerabilities 3) Dnsmap produces a text file as ouput, the plugin doesn't seem to parse it successfully.