Ever wanted to create your own Dradis Pro report templates but didn’t know where to start? Wait no more! A few days ago we introduced the Extras page. From there you can download report templates and testing methodologies. The idea is to showcase all the possibilities supported by our reporting engine and lay the ground work so our users can build on top of these templates.
The latest addition has been the OWASP Top 10 – 2013rc checklist. This covers the recently released OWASP Top 10 – 2013 release and contains 60 checks that you can use to test for all the issues in the new Top 10:
- A1-Injection
- A2–Broken Authentication and Session Management
- A3–Cross-Site Scripting (XSS)
- A4–Insecure Direct Object References
- A5–Security Misconfiguration
- A6–Sensitive Data Exposure
- A7–Missing Function Level Access Control
- A8-Cross-Site Request Forgery (CSRF)
- A9-Using Components with Known Vulnerabilities
- A10–Unvalidated Redirects and Forwards
Below is a list with a few examples of the Dradis Pro report templates (both Word and HTML) that you can find there:
Advanced Word example
Mix everything together: use Dradis notes for your conclusions, sort your findings by severity, filter, group, make use of document properties, etc.
A simple report to get you started
Never created a custom Dradis Pro report template before? No problem, start with this basic template to learn about the inner workings of the engine and in no time you’ll have your custom own report template up and running.
A fancy HTML report
Dradis Pro supports a number of report formats including Word 2010 and HTML. In this case we show you how to create a fairly complex HTML report with the list of issues order by severity, a bit of JavaScript to auto-colour and auto-link external references and some awesome charts to nicely show the risk profile of the environment.
With the help of these samples, creating your own report template has never been easier. Are you ready to give Dradis Pro a try?