What is Dradis?

Dradis is an open source framework to enable you to work efficiently by gathering information from different tools and presenting it in a variety of formats. We currently support:

  • Burp Scanner
  • Mediawiki
  • Nessus (v1, v2)
  • NeXpose
  • Nikto
  • Nmap
  • OpenVAS
  • OSVDB
  • Retina
  • SureCheck
  • VulnDB HQ
  • w3af
  • wXf
  • Zed Attack Proxy

Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. It's the best way for teams to collaborate. [screenshots - demo]

One core, two editions

Community Edition

Dradis Framework Logo
  • Import output from Burp, Nessus, Nexpose, Nikto, Nmap, OpenVAS, OSVDB, Qualys, Retina, SureCheck, VulnDB, w3af, wXf and ZAP.
  • Easy report generation in Word and HTML
  • Included in BackTrack
  • Work on one project at a time

Professional Edition

Dradis Pro logo
  • Advanced reporting
  • Map external tool output to the format you need
  • Testing methodology support
  • Multiple teams working on multiple projects

If people in your organization are using Dradis on a day-to-day basis, probably you should check it out:

http://securityroots/dradispro/
 

Fresh news

Dradis v2.9 released!

New plugins Updated plugins
  • Nessus upload plugin is orders of magnitude faster
  • Nikto upload plugin is orders of magnitude faster
  • Nmap upload plugin is orders of magnitude faster
  • VulnDB import plugin (to support VulnDB HQ integration)
Internals
  • Updated First Time User's Wizard
  • Updated to Rails 3.2

Read the full announcement.

 

Dradis at Play

A guest post by J Wolfgang Goerlich (@jwgoerlich), Captain of the MiSec RuCTFe 2012 team.

Ten. Nine. Eight. We stand in the war room of a data center. Seven. Six. We watch the scoreboard and count down the final few seconds. Five. Four. It was a tough day, but the team really came together at the end. Three. The organizers extended it by ninety minutes. We're tired, hungry, and ready to celebrate. Two. Tomorrow, we can reflect with Dradis. One. Game over.

Read the full post.

 

Older posts

Dradis Framework featured in Advanced Penetration Testing for Highly-Secure Environments

Drag'n'drop attachment uploads

Dradis Framework is the star in PaulDotCom en Espanol Episode 11

more news in the blog

Are we alive?

Present: Check the blog for the latest news. And the Commi History for the latest commits.

Past: To get an idea of what we have accomplished so far, checkout the global CHANGELOG and the release timeline.

Future: Finally, checkout the roadmap to find ou what we are planning for the future.


We're figuring out a way to embed this information inline.

https://github.com/dradis/dradisframework/tree/dradis3.x

https://github.com/dradis/dradisframework/graphs/commit-activity

https://github.com/dradis/dradisframework/network