Dradis is an open source reporting platform for IT Security, tailored towards the types of information that need to be shared amongst an information security team during a professional engagement. It provides a centralized repository of information using a web interfaced based client/server architecture.
It also supports 15+ different tools including Burp, Nessus, Nmap, Qualys (listed below).
The goals of the project are to:
- Share the information effectively.
- Easy to use, easy to be adopted.
- Flexible: with a powerful and simple extensions interface.
- Small and portable.
- You should be able to use it while on site (no outside connectivity).
- It should be OS independent (no two testers use the same OS).
Features
- Platform independent
- Markup support for the notes: text styles, code blocks, images, links, etc.
- Integration with existing systems and tools:
- Burp Scanner
- Metasploit
- Nessus
- NeXpose
- Nikto
- Nmap
- OpenVAS
- OSVDB
- Retina
- SureCheck
- VulnDB
- w3af
- wXf
- Zed Attack Proxy
New in v3.0
- Support for Issue/Evidence separation
- New HTML/CSS interface
- Use BCrypt for password storage.
- Gemified plugins in external repositories
- Enhanced background workers
- New plugins:
- Export: CSV, PDF
- Upload: Acunetix, Qualys
- Rails 4.1
You can download Dradis 3.0.0.rc3 here:
Linux – dradis-3.0.0.rc3-linux-x86.tar.gz
Mac – dradis-3.0.0.rc3-osx.tar.gz
Or read more here.