dradis is an free software for sharing information during Security Testing.
While plenty of tools exist to help in the different stages of the test (information gathering, discovery, exploitation, etc.) not so many exist to share interesting information captured.
When a team of testers is working on the same set of targets having a common repository of information is esential to avoid duplication of efforts. Nevertheless, having all the information in a single place will make the task of reporting a lot easier.
Not sharing the information available in an effective way will result in exploitation oportunities lost and the overlapping of efforts.
Four main goals have driven and will drive the development of dradis:
- effective information sharing
- ease of use, ease of adoption
- smallness and portability
The main benefits derived from the use of dradis are:
- information is organized
- it saves time, both while testing and while reporting
- the knowledge is effectively shared
- it is also good for one-man testing
Since flexibility is one of the design goals, dradis can be extended using a powerful module interface. You can easily create modules to add new functionality or to connect dradis to other tools and systems that are part of your current security testing methodology.
What's New in This Release: [ read full changelog ]
· This version added a Retina Network Security Scanner upload plugin and a Zed Attack Proxy upload plugin.
· The Nessus, Nikto, and Nmap upload plugins are now orders of magnitude faster.
· A VulnDB import plugin was added to support VulnDB HQ integration.
· The First Time User's Wizard was updated.
· Rails was upgraded to version 3.2.