Saturday, July 21, 2012

Dradis Framework - tool for sharing information during a pentest

Dradis is a tool for sharing information during a pentest. When a team of testers is working on the same project, having a common repository of information is essential to avoid duplication of effort.

Dradis is an open source framework to enable effective information sharing, especially during security assessments.

Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.

Features include -
> Easy report generation.
> Support for attachments.
> Integration with existing systems and tools through server plugins.
> Platform independent.

Dradis v2.9 released!
New plugins
Retina Network Security Scanner upload plugin
Zed Attack Proxy upload plugin

Updated plugins
Nessus upload plugin is orders of magnitude faster
Nikto upload plugin is orders of magnitude faster
Nmap upload plugin is orders of magnitude faster
VulnDB import plugin (to support VulnDB HQ integration)

Internals
Updated First Time User's Wizard
Updated to Rails 3.2

Documentation site - 
http://guides.dradisframework.org

Download - The latest version of the Dradis package is 2.9.0
One-click installer for Windows - dradis-v2.9.0-setup.exe
Platform-Independent Ruby code packages - dradis-v2.9.0.tar.bz2 or dradis-v2.9.0.tar.gz
It is advised to check the sha256 checksum of the downloaded files.

If you are running Windows and have Metasploit already installed, you may want to look into the Running Dradis inside Metasploit's Cygwin tutorial.

Dependencies
Dradis is written in Ruby, an interpreted language. The Windows installer will set up the dependencies for you. Linux users should check the install and setup page for further instructions. In a nutshell, the dependencies are:

A Ruby interpreter:
sudo apt-get install ruby irb rdoc ruby1.8-dev libopenssl-ruby rubygems 

SQLite3 libraries:
sudo apt-get install libsqlite3-0 libsqlite3-dev

The Ruby Bundler gem:
sudo gem install bundler

Reset the environment (uses Bundler to check for missing libraries):

# in Windows
reset.bat

# in *NIX
reset.sh

And run Dradis:

# in Windows
server.bat

# in *NIX
start.sh

Visit website -
http://dradisframework.org/
Documentation -
http://dradisframework.org/documentation.html
Hacker's guide to dradis