Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dradis/dradis-ce

Dradis Framework: Collaboration and reporting for IT Security teams
https://github.com/dradis/dradis-ce

collaboration dradis dradis-framework infosec penetration-testing pentesting security security-audit

Last synced: about 1 month ago
JSON representation

Dradis Framework: Collaboration and reporting for IT Security teams

Awesome Lists containing this project

README 

        
# Welcome to the Dradis Framework



[![CI](https://github.com/dradis/dradis-ce/actions/workflows/ci.yml/badge.svg)](https://github.com/dradis/dradis-ce/actions/workflows/ci.yml)

[![Black Hat Arsenal](https://www.toolswatch.org/badges/arsenal/2016.svg)](https://www.blackhat.com/us-16/arsenal.html#dradis-framework)

[![@dradisfw on X](https://img.shields.io/twitter/follow/dradisfw?style=social)](https://twitter.com/dradisfw)



Dradis is an open-source collaboration framework, tailored to InfoSec teams.








To try Dradis Community, you can deploy your own instance (you will need accounts in the cloud providers to get started).



## Our goals



* Share the information effectively.

* Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems.

* Flexible: with a powerful and simple extensions interface.

* Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS).



## Some of the features:



* Platform independent

* Markup support for the notes: text styles, code blocks, images, links, etc.

* Integration with existing systems and tools:

  * [Brakeman](https://dradis.com/integrations/brakeman.html)

  * [Burp Suite](https://dradis.com/integrations/burp.html)

  * [MediaWiki](https://dradis.com/integrations/mediawiki.html)

  * [Metasploit](https://dradis.com/integrations/metasploit.html)

  * [Nessus](https://dradis.com/integrations/nessus.html)

  * [NeXpose](https://dradis.com/integrations/nexpose.html)

  * [Nikto](https://dradis.com/integrations/nikto.html)

  * [Nmap](https://dradis.com/integrations/nmap.html)

  * [OpenVAS](https://dradis.com/integrations/openvas.html)

  * [Qualys](https://dradis.com/integrations/qualys.html)

  * [SAINT](https://dradis.com/integrations/saint.html)

  * [Zed Attack Proxy](https://dradis.com/integrations/zap.html)

  * ...

  * [Full list](http://dradis.org/integrations/)



## Editions



There are two editions of Dradis Framework:



* **Dradis Framework Community Edition (CE)**: open-source and available freely under the GPLv2 license.

* **Dradis Framework Professional Edition (Pro)**: includes extra features that are more useful for organizations dealing with bigger teams and multiple projects at a time. To use Pro and get official support please [become a subscriber](https://dradis.com/).



## Getting started: Community Edition



### From Git (recommended)



[Installing Dradis from Git](https://dradis.com/ce/documentation/install_git.html)



### Using Docker



If you'd like to use Dradis in Docker, first get the latest image:



```

docker image pull dradis/dradis-ce:latest

```



And then run the container:



```

docker run -it -p 3000:3000 dradis/dradis-ce

```



## Getting help



* https://dradis.com/support/

* [Community Forums](https://discuss.dradisframework.org/)

* [Slack channel](https://evening-hamlet-4416.herokuapp.com/)

* IRC: **#dradis** `irc.freenode.org`



## Contributing



Please see CONTRIBUTING.md for details.



Many thanks to all Dradis Framework [contributors](https://github.com/dradis/dradis-ce/graphs/contributors). Dradis has been around since 2007, and in 2016 we had to do some nasty Git gymnastics resulting in a lot of the previous SVN + Git history no longer being available in the current repo. We haven't deleted it though, and we're still very much grateful for the work of our former [contributors](https://github.com/dradis/dradis-legacy/graphs/contributors).



### Branching model

We're following Vincent Driessen's [A successful Git branching model](http://nvie.com/posts/a-successful-git-branching-model/) to try to keep things organized.



In this repo we will have: *master*, *develop*, *release-* and *hotfix-* branches.



If you need to work on a feature branch, fork the repo and work on your own copy. We can check it from there. Eventually you'll merge to your *develop* and back to origin's *develop*.



### Community Projects



* [check-user-pwned-dradis by GoVanguard](https://github.com/GoVanguard/check-user-pwned-dradis): Searches for compromised emails across data breaches and creates Dradis Issues

* [csv-data-import-dradis by GoVanguard](https://github.com/GoVanguard/csv-data-import-dradis): Imports Issues, Nodes, Evidence, and Notes from a CSV file into Dradis

* [PyDradis by Novacoast](https://github.com/ncatlabs/pydradis): Python wrapper for the Dradis REST API



Have you built a Dradis connector, add-on, or extension? Contact us so that we can feature it here.



## License



Dradis Framework Community Edition is released under [GNU General Public License version 2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)



Dradis Framework Professional Edition is released under a commercial license.



## We're hiring



If you love open source, Ruby on Rails and would like to have a lot of freedom and autonomy in your work, maybe you should consider [joining our team](https://dradis.com/careers.html) to make Dradis even better.