Blackhat 2014 Arsenal Experience

Last week at Blackhat Arsenal 2014, Pete and I (@will_is) presented on Serpico. Arsenal was a great experience and I would highly recommend to anyone as an attendee or presenter. We got some great feedback on the project, so thank you to anyone who stopped by.

Here were the top 3 feature requests and their associated issue on github:

Global Variables

This feature would allow a user to add their own variable in the UI that would render in the template. A classic use case would be to edit the Executive Summary through the UI rather than inside of a template.

Github Issue: Support “Global Variables” for reports Released 08/22

More Findings

As of the most recent build Serpico comes with 8 findings; this is an area of active development. More than one person asked for findings from open sources such as CWE.

Github Issue: Include 40 Findings with the default installation

Plugin to 3rd Parties

This feature would allow a user to parse findings from different vulnerability scanners and import the results.

Github Issue: Support a connector to Nessus