Faction
@factionsecurity.com
Faction is an open-source tool for:
- Automated Pentest Reporting
- Track Vulnerability Remediation
- Collaborate With Your Team
- and more
https://www.factionsecurity.com
#appsec #redteam #securitytools #cybersecurity #infosec #hacking
- Automated Pentest Reporting
- Track Vulnerability Remediation
- Collaborate With Your Team
- and more
https://www.factionsecurity.com
#appsec #redteam #securitytools #cybersecurity #infosec #hacking
We just released OWASP Faction 1.7 with lots of new features and bug fixes to help automate manual penetration testing and make reporting even easier.
we-are-faction.medium.com/owasp-factio...
#pentesting #cybersecurity #applicationsecurity #redteam #hacking #appsec #owasp
we-are-faction.medium.com/owasp-factio...
#pentesting #cybersecurity #applicationsecurity #redteam #hacking #appsec #owasp
OWASP Faction 1.7 — Major Updates for Enterprise Security Teams
For Enterprise Penetration Testing teams and Security Consulting Firms managing dozens — or hundreds — of assessments simultaneously…
we-are-faction.medium.com
October 27, 2025 at 3:58 AM
We just released OWASP Faction 1.7 with lots of new features and bug fixes to help automate manual penetration testing and make reporting even easier.
we-are-faction.medium.com/owasp-factio...
#pentesting #cybersecurity #applicationsecurity #redteam #hacking #appsec #owasp
we-are-faction.medium.com/owasp-factio...
#pentesting #cybersecurity #applicationsecurity #redteam #hacking #appsec #owasp
Lots of new things coming to Faction 2.0 Very Soon. We are excited to share a little preview.
Follow us for more updates.
#pentesting #appsec #redteam #hacking #vulnerabilitymanagement
Follow us for more updates.
#pentesting #appsec #redteam #hacking #vulnerabilitymanagement
September 26, 2025 at 2:17 PM
Lots of new things coming to Faction 2.0 Very Soon. We are excited to share a little preview.
Follow us for more updates.
#pentesting #appsec #redteam #hacking #vulnerabilitymanagement
Follow us for more updates.
#pentesting #appsec #redteam #hacking #vulnerabilitymanagement
I'm excited to be presenting at SecTor Arsenal! I'll be demoing OWASP Faction, an open source pen-testing collaboration framework.
Hope to see you there!
#SECTORCA #appsec #owasp #cybersecurity #blackhat #pentesting
Hope to see you there!
#SECTORCA #appsec #owasp #cybersecurity #blackhat #pentesting
September 26, 2025 at 2:04 PM
I'm excited to be presenting at SecTor Arsenal! I'll be demoing OWASP Faction, an open source pen-testing collaboration framework.
Hope to see you there!
#SECTORCA #appsec #owasp #cybersecurity #blackhat #pentesting
Hope to see you there!
#SECTORCA #appsec #owasp #cybersecurity #blackhat #pentesting
Great views from the level up party last night. #blackhat2025 #blackhat.
August 7, 2025 at 11:54 PM
Great views from the level up party last night. #blackhat2025 #blackhat.
Reposted by Faction
Greetings from BlackHat 2025! If you’re attending this year come check out my talk on OWASP Faction, Thursday at noon - Arsenal station 3! #pentesting #owasp #hacking #blackhat2025 #redteam #appsec
August 6, 2025 at 8:31 PM
Greetings from BlackHat 2025! If you’re attending this year come check out my talk on OWASP Faction, Thursday at noon - Arsenal station 3! #pentesting #owasp #hacking #blackhat2025 #redteam #appsec
Reposted by Faction
#BlackHat Arsenal was awesome!!! 🎉🎉🎉🍺🍺🍺Thanks to all that came to my talk. I forgot to bring stickers with me but will be giving them out at #Defcon. Look for them in the usual spots or DM me.
#owasp #appsec #redteam #pentesting
@factionsecurity.com
#owasp #appsec #redteam #pentesting
@factionsecurity.com
August 7, 2025 at 11:49 PM
#BlackHat Arsenal was awesome!!! 🎉🎉🎉🍺🍺🍺Thanks to all that came to my talk. I forgot to bring stickers with me but will be giving them out at #Defcon. Look for them in the usual spots or DM me.
#owasp #appsec #redteam #pentesting
@factionsecurity.com
#owasp #appsec #redteam #pentesting
@factionsecurity.com
🎉 I'm excited to be presenting Faction at BlackHat Arsenal 2025! 🚀
Come by Thursday Aug 7th 12-12:55 am to see what Faction can do for you and get some STICKERS!!!
#hacking #pentesting #blackhat #BH2025 #appsec
www.blackhat.com/us-25/arsena...
Come by Thursday Aug 7th 12-12:55 am to see what Faction can do for you and get some STICKERS!!!
#hacking #pentesting #blackhat #BH2025 #appsec
www.blackhat.com/us-25/arsena...
July 8, 2025 at 10:05 PM
🎉 I'm excited to be presenting Faction at BlackHat Arsenal 2025! 🚀
Come by Thursday Aug 7th 12-12:55 am to see what Faction can do for you and get some STICKERS!!!
#hacking #pentesting #blackhat #BH2025 #appsec
www.blackhat.com/us-25/arsena...
Come by Thursday Aug 7th 12-12:55 am to see what Faction can do for you and get some STICKERS!!!
#hacking #pentesting #blackhat #BH2025 #appsec
www.blackhat.com/us-25/arsena...
🎉 Faction 1.6 is Here — Powerful New Features for Open Source and Enterprise Users
Lots of updates that brings major improvements that make #pentest reporting more flexible and tailored to your needs.
docs.factionsecurity.com/blog/2025/07...
#appsec #redteam #opensource #cybersecurity #hacking
Lots of updates that brings major improvements that make #pentest reporting more flexible and tailored to your needs.
docs.factionsecurity.com/blog/2025/07...
#appsec #redteam #opensource #cybersecurity #hacking
July 8, 2025 at 7:37 AM
🎉 Faction 1.6 is Here — Powerful New Features for Open Source and Enterprise Users
Lots of updates that brings major improvements that make #pentest reporting more flexible and tailored to your needs.
docs.factionsecurity.com/blog/2025/07...
#appsec #redteam #opensource #cybersecurity #hacking
Lots of updates that brings major improvements that make #pentest reporting more flexible and tailored to your needs.
docs.factionsecurity.com/blog/2025/07...
#appsec #redteam #opensource #cybersecurity #hacking
🚀 OWASP Faction 1.5.2 is live!
This is a major update with improvements to help you deliver more streamlined and professional assessments.
What’s new?
✅ Checklist Improvements
🔐 SAML Authentication
📝 Better Markdown Handling
github.com/factionsecur...
#AppSec #Cybersecurity #OWASP #redteam
This is a major update with improvements to help you deliver more streamlined and professional assessments.
What’s new?
✅ Checklist Improvements
🔐 SAML Authentication
📝 Better Markdown Handling
github.com/factionsecur...
#AppSec #Cybersecurity #OWASP #redteam
Releases · factionsecurity/faction
Pen Test Report Generation and Assessment Collaboration - factionsecurity/faction
github.com
June 2, 2025 at 9:49 PM
🚀 OWASP Faction 1.5.2 is live!
This is a major update with improvements to help you deliver more streamlined and professional assessments.
What’s new?
✅ Checklist Improvements
🔐 SAML Authentication
📝 Better Markdown Handling
github.com/factionsecur...
#AppSec #Cybersecurity #OWASP #redteam
This is a major update with improvements to help you deliver more streamlined and professional assessments.
What’s new?
✅ Checklist Improvements
🔐 SAML Authentication
📝 Better Markdown Handling
github.com/factionsecur...
#AppSec #Cybersecurity #OWASP #redteam
Reposted by Faction
10 Burp extensions I actually use... BUT none of them are in the top 30 most popular in the BApp Store!
I get tired of seeing the same extensions come up in "top 10" lists. Here are some hidden gems you might not have tried... yet. In no particular order.
🧵👇
I get tired of seeing the same extensions come up in "top 10" lists. Here are some hidden gems you might not have tried... yet. In no particular order.
🧵👇
May 12, 2025 at 3:01 PM
10 Burp extensions I actually use... BUT none of them are in the top 30 most popular in the BApp Store!
I get tired of seeing the same extensions come up in "top 10" lists. Here are some hidden gems you might not have tried... yet. In no particular order.
🧵👇
I get tired of seeing the same extensions come up in "top 10" lists. Here are some hidden gems you might not have tried... yet. In no particular order.
🧵👇
Happy to announce that Faction is now an #OWASP Project!!! 🚀
#appsec #applicationsecurity #pentesting #vulnerability #cybersecurity #redteam #hacking
owasp.org/www-project-...
#appsec #applicationsecurity #pentesting #vulnerability #cybersecurity #redteam #hacking
owasp.org/www-project-...
owasp.org
March 5, 2025 at 3:43 PM
Happy to announce that Faction is now an #OWASP Project!!! 🚀
#appsec #applicationsecurity #pentesting #vulnerability #cybersecurity #redteam #hacking
owasp.org/www-project-...
#appsec #applicationsecurity #pentesting #vulnerability #cybersecurity #redteam #hacking
owasp.org/www-project-...
It’s a new year and time to start the year off right by automating your manual #pentest with Faction. 🎉🍾💥
We got a lot of cool stuff planned for this year! We’ll be releasing more info in the coming months. Stay tuned!
#appsec #redteam #hacking
www.factionsecurity.com
We got a lot of cool stuff planned for this year! We’ll be releasing more info in the coming months. Stay tuned!
#appsec #redteam #hacking
www.factionsecurity.com
Automate Pentest Reports and AppSec Posture Management (ASPM)
Automate PenTest Reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.
www.factionsecurity.com
January 4, 2025 at 8:08 PM
It’s a new year and time to start the year off right by automating your manual #pentest with Faction. 🎉🍾💥
We got a lot of cool stuff planned for this year! We’ll be releasing more info in the coming months. Stay tuned!
#appsec #redteam #hacking
www.factionsecurity.com
We got a lot of cool stuff planned for this year! We’ll be releasing more info in the coming months. Stay tuned!
#appsec #redteam #hacking
www.factionsecurity.com
Happy holidays from us at Faction Security!!! 🎄🤶🎁
Hope you get some downtime so you hack all the things next year!
#cybersecurity
Hope you get some downtime so you hack all the things next year!
#cybersecurity
December 25, 2024 at 4:47 PM
Happy holidays from us at Faction Security!!! 🎄🤶🎁
Hope you get some downtime so you hack all the things next year!
#cybersecurity
Hope you get some downtime so you hack all the things next year!
#cybersecurity
We just released Faction 1.4! 🚀
If you're currently using Enterprise or Teams versions, then you have already been upgraded 🎉
This release includes bug fixes in pentest report peer reviews and fixes several CVE's.
Find out more: www.factionsecurity.com
#appsec #redteam #hacking #cybersecurity
If you're currently using Enterprise or Teams versions, then you have already been upgraded 🎉
This release includes bug fixes in pentest report peer reviews and fixes several CVE's.
Find out more: www.factionsecurity.com
#appsec #redteam #hacking #cybersecurity
www.factionsecurity
December 19, 2024 at 5:47 PM
We just released Faction 1.4! 🚀
If you're currently using Enterprise or Teams versions, then you have already been upgraded 🎉
This release includes bug fixes in pentest report peer reviews and fixes several CVE's.
Find out more: www.factionsecurity.com
#appsec #redteam #hacking #cybersecurity
If you're currently using Enterprise or Teams versions, then you have already been upgraded 🎉
This release includes bug fixes in pentest report peer reviews and fixes several CVE's.
Find out more: www.factionsecurity.com
#appsec #redteam #hacking #cybersecurity
We published a blog post on how to automate boilerplate text in your #pentesting reports using the #opensouce security tool, Faction. Check out the link below!
we-are-faction.medium.com/automate-pen...
#appsec #infosec #redteam #pentest #hacking #hacking-tools #security-tools
we-are-faction.medium.com/automate-pen...
#appsec #infosec #redteam #pentest #hacking #hacking-tools #security-tools
Automate PenTest Reports with Boilerplates
If you have been doing penetration testing for any length of time, you probably have a personal database of vulnerability descriptions…
we-are-faction.medium.com
December 11, 2024 at 6:13 AM
We published a blog post on how to automate boilerplate text in your #pentesting reports using the #opensouce security tool, Faction. Check out the link below!
we-are-faction.medium.com/automate-pen...
#appsec #infosec #redteam #pentest #hacking #hacking-tools #security-tools
we-are-faction.medium.com/automate-pen...
#appsec #infosec #redteam #pentest #hacking #hacking-tools #security-tools
Reposted by Faction
I've developed a Python tool called Fback that generates wordlists for fuzzing backup files. It takes a JSON-based pattern file and a seed wordlist as input and produces a target-specific wordlist as output. Github: github.com/Spix0r/Fback
#bugbounty #bugbountytools #cybersecurity
#bugbounty #bugbountytools #cybersecurity
GitHub - Spix0r/fback: This is a useful Python script for generating a target specific wordlist for fuzzing backup files.
This is a useful Python script for generating a target specific wordlist for fuzzing backup files. - Spix0r/fback
github.com
December 7, 2024 at 11:18 AM
I've developed a Python tool called Fback that generates wordlists for fuzzing backup files. It takes a JSON-based pattern file and a seed wordlist as input and produces a target-specific wordlist as output. Github: github.com/Spix0r/Fback
#bugbounty #bugbountytools #cybersecurity
#bugbounty #bugbountytools #cybersecurity
Hey #cybersecurity, we are building opensource tools to help streamline #pentesting assessments. We realize every company is different.
We want to know where your pain points are and what would make your life as a #pentester easier. Reply or DM us your feedback.
#infosec #appsec #redteam
We want to know where your pain points are and what would make your life as a #pentester easier. Reply or DM us your feedback.
#infosec #appsec #redteam
December 8, 2024 at 9:08 PM
Hey #cybersecurity, we are building opensource tools to help streamline #pentesting assessments. We realize every company is different.
We want to know where your pain points are and what would make your life as a #pentester easier. Reply or DM us your feedback.
#infosec #appsec #redteam
We want to know where your pain points are and what would make your life as a #pentester easier. Reply or DM us your feedback.
#infosec #appsec #redteam
Reposted by Faction
Slashdot is now on Bluesky!
December 3, 2024 at 12:31 AM
Slashdot is now on Bluesky!
This was one of our favorite talks from #defon32. This is a really clever approach to getting SQL injection at the protocol level.
#appsec #sqlinjection #hacking #applicationsecurity
www.youtube.com/watch?v=Tfg1...
#appsec #sqlinjection #hacking #applicationsecurity
www.youtube.com/watch?v=Tfg1...
DEF CON 32 - SQL Injection Isn't Dead Smuggling Queries at the Protocol Level - Paul Gerste
YouTube video by DEFCONConference
www.youtube.com
December 2, 2024 at 2:50 PM
This was one of our favorite talks from #defon32. This is a really clever approach to getting SQL injection at the protocol level.
#appsec #sqlinjection #hacking #applicationsecurity
www.youtube.com/watch?v=Tfg1...
#appsec #sqlinjection #hacking #applicationsecurity
www.youtube.com/watch?v=Tfg1...
Happy thanksgiving for all that celebrate! 🦃
November 29, 2024 at 1:28 AM
Happy thanksgiving for all that celebrate! 🦃
Reposted by Faction
We're 🌟live🌟 in five, working on Open Source. 🌱
Join us with questions, comments & your important Syft & Grype bugs! 🐞
www.youtube.com/watch?v=hCRt...
#sbom #opensource #security
Join us with questions, comments & your important Syft & Grype bugs! 🐞
www.youtube.com/watch?v=hCRt...
#sbom #opensource #security
21st November | Open Source Gardening | Live with Anchore Devs
YouTube video by Anchore
www.youtube.com
November 21, 2024 at 7:56 PM
We're 🌟live🌟 in five, working on Open Source. 🌱
Join us with questions, comments & your important Syft & Grype bugs! 🐞
www.youtube.com/watch?v=hCRt...
#sbom #opensource #security
Join us with questions, comments & your important Syft & Grype bugs! 🐞
www.youtube.com/watch?v=hCRt...
#sbom #opensource #security
Reposted by Faction
Ready to level up your cybersecurity skills? 💻📈
Mireia Cano teaches us how to build an AppSec program at #WICCON2024!
Level up here: www.youtube.com/watc...
#CyberSecurity #WomenInTech
Mireia Cano teaches us how to build an AppSec program at #WICCON2024!
Level up here: www.youtube.com/watc...
#CyberSecurity #WomenInTech
Building An Appsec Program From Scratch - Mireia Cano
Building an Appsec Program from Scratch
In today's digital landscape, application security is crucial for safeguarding sensitive data and maintaining user trust. Without a robust AppSec program, or with one poorly implemented, chaos can ensue, leading to vulnerabilities and breaches. This talk explo
www.youtube.com
November 22, 2024 at 12:37 PM
Ready to level up your cybersecurity skills? 💻📈
Mireia Cano teaches us how to build an AppSec program at #WICCON2024!
Level up here: www.youtube.com/watc...
#CyberSecurity #WomenInTech
Mireia Cano teaches us how to build an AppSec program at #WICCON2024!
Level up here: www.youtube.com/watc...
#CyberSecurity #WomenInTech
We got a story up on @medium.com! Learn out how to create your first #pentest report using Faction:
we-are-faction.medium.com/how-to-autom...
#appsec #redteam #informationsecurity #infosec #pentesting #ethicalhacking
we-are-faction.medium.com/how-to-autom...
#appsec #redteam #informationsecurity #infosec #pentesting #ethicalhacking
How to Automate Pentest Reporting Using Faction
Faction is an open-source security assessment collaboration framework designed to streamline and enhance your security workflows. With…
we-are-faction.medium.com
November 22, 2024 at 12:07 AM
We got a story up on @medium.com! Learn out how to create your first #pentest report using Faction:
we-are-faction.medium.com/how-to-autom...
#appsec #redteam #informationsecurity #infosec #pentesting #ethicalhacking
we-are-faction.medium.com/how-to-autom...
#appsec #redteam #informationsecurity #infosec #pentesting #ethicalhacking
Reposted by Faction
Must read of the week: Ronan Farrow is looking at how governments (including the US) use spyware tech on individuals, activists, and journalists. www.newyorker.com/news/news-de...
The Technology the Trump Administration Could Use to Hack Your Phone
Other Western democracies have been roiled by the use of spyware to target political opponents, activists, journalists, and other vulnerable groups. Could it happen here?
www.newyorker.com
November 21, 2024 at 3:36 AM
Must read of the week: Ronan Farrow is looking at how governments (including the US) use spyware tech on individuals, activists, and journalists. www.newyorker.com/news/news-de...