Roadmap

After all, Dradis is still a young project, there is lots of room for improvement. A small summary of what is in the pipeline for the next releases:

Game-chaging features:

  • Custom note field definition. The ability to choose the different fields your notes would consis of. Instead of the current Text/Author/Category fields you could your own (Probability, CVSS num., etc.) [v3.0]

Incremental improvements:

  • Add support for the Intermediary Vulnerability Information Language.
  • Provide a way to let users know that there is a new version available.
  • Alternatively, can we distribute Dradis pointing the ./server to the trunk to facilitate updating to the latest release?
  • Consolidate the reset and start scripts into a single cross-platform script possibly based on Thor.

Things that once were in the Roadmap and were implemented in previous releases:

  • Explore how we can use Faye or a similar tool to create push notifications for logged in users. [v2.8]
  • Provide a configuration interface for server plugins [v2.7]
  • Improve feedback for upload plugins: upload progress, errors, etc. [v2.7]
  • Improve the Windows installer: start/reset links, icons, etc. [v2.6]
  • Ensure we support Ruby 1.9 [v2.6]
  • Create a upload plugin for Burp Scanner output files. [v2.5]
  • Adding some sort of formatting to the notes. [v2.5]
  • RSS feed of changes. Provide a team lead view that shows latest changes. [v2.5]
  • Upgrade to the latest Rails and ExtJS. [v2.5]
  • Import from file. A framework to support importing content from files (for example, nmap or nessus output files) into the repository from the web interface. [done]
  • Import/export projects (think backup). [done]
  • Add a flexible reporting module to export to WordXML or pdf. [done]
  • Add the ability to import notes from external sources (i.e. vulnerability database). [done]
  • It should be possible to add attachments (screenshots, tool output files, etc.) to the nodes. [done]

If you want to know more about any of this modules or cannot wait to start contributing with some awesome code, join the mailing lists now!

There is also a TODO file in the subversion repository of the project. This file is used by the development team to keep track of what needs to be done an when.