Monthly Archives: February 2011

Dradis Framework in Grey Hat Hacking 3rd Edition

Grey Hat Hacking 3rd edition has a full chapter on Information Sharing During a Penetration Test featuring the Dradis Framework extensively.

Installation, configuration, upload, export and import plugins, OSVDB configuration are all covered. Some quotes:

The Dradis Server is the best way to collect and provide information sharing during a penetration test.

The real magic of Dradis occurs when multiple users enter data at the same time.

Access may be granted to the client, enabling them to keep abreast of the current status at all times. Later, when the assessment is done, a copy of the framework database may be left with the client as part of the report.