Among the various challenges that pentesters face today, efficient sharing of information about scans tops the list. Failing to share information effectively results in lost exploitation opportunities and overlapping effort, which wastes time. Also, given the wide variety of tools employed in a pentest, each with a different output format, testers end up capturing information in their own home-grown representations, which makes it impossible to collaborate efficiently with fellow testers during a scan.
Dradis was created to address this pain point.
Dradis is an open source framework that enables effective information sharing during penetration testing exercises. It provides a centralized repository of information to keep track of what has been done so far, and what is still ahead. Dradis is thus an ideal tool to help in the process of security assessments.
Here is a quick presentation about the Dradis framework given at Defcon 17 this year.
You can download Dradis from here. For Backtrack fans, it's already been included in Backtrack 4.0, so no installation is needed for you guys.
The video below has been created by the Dradis team to demonstrate the flexibility and ease of use of the framework. As of this writing, the current version of Dradis is 2.3. The video uses version 2.2 to illustrate how an Nmap scan result can be easily imported into the Dradis framework, and how report templates can then be imported from external sources, modified, and used to generate reports for the scans. It really is an awesome framework! Highly recommended for pentesting teams and for the lone hacker who would like to organize and catalog his adventures for future reference ;)