Server Plugins

dradis server plugins are standard Ruby on Rails plugins with a twist.

There are three main types of plugins:

• Import: Import plugins let the framework connect to external systems and import information from them. Examples:
  • WikiMedia wiki
  • Vulnerability database
• Export: Export the contents of the repository into different formats. Examples:
  • WordExport: generate a Word report. Read more
  • Generate project export files (for backup or to re-use them in the future)
  • PDF format
• Upload: Upload files to the server and parse their contents to add them to the respository. Examples:
  • Nmap upload
  • Nessus upload
  • Template / project upload (to restore the state of the project)

Generating Plugins

To generate a plugin you can use one of the provided plugin generators. For example, to generate an Upload plugin that loads Nikto results, go the server folder (./dradis/server/) and run:

$ ./script/generate upload_plugin nikto_upload

That will generate all the required files to get the plugin up and running. Remember that you will have to restart the server after adding a new plugin. There are generators for each plugin type: import_plugin, export_plugin and upload_plugin.

Hooking into the Framework

The structure created by the plugin generators is very similar with independence of the plugin type.

This is because the only thing you really need to do in order to hook your plugin with the Framework is to create a module (for example NiktoUpload and include it in one of the existing plugin modules. For example:

# This includes the import plugin module in the dradis import plugin repository module Plugins module Upload include NiktoUpload end end

This is done for you by the plugin generator. You just need to focus on the code that controls your business login in your generated plugin located at: ./vendor/plugins/nikto_upload/.

More Information

On the specific plugin types is available in:

• Import plugins