Dradis 2.7.1 released!

This bug-fixing release features:

  • Several closed issues: #3, #4, #6, #7, #8 and #10.
  • A cleaner, leaner note editor

And all the goodness introduced in 2.7.0:

  • Improved command line API with Thor (thor -T to view all commands)
  • New Configuration Manager to handle all plugin config settings
  • New Upload Manager that runs uploads in the background and updates the interface through Ajax
  • New plugins:
  • Updated plugins:
    • Nessus plugin supports .nessus v2
    • Vuln::DB import updated to support the latest release
  • Bugs fixed: #2888332, #2973256
  • Update Rails to 3.0.6


Open-source project released: passdb

On Wednesday we released passdb, a Ruby gem to search CIRT.net’s default password database.

We have decided to host our gem’s source code on GitHub (which we will be using in the future to host all our open-source contributions). Find the repository, documentation and install instructions at:

https://github.com/securityroots/passdb

Future plans for the library include adding an option to submit new entries, so the guys at CIRT.net can keep their database updated with the latest additions.

Feel free to fork and submit pull requests. If you find the library useful or have suggestions for improvements, we would love to hear about them.

Running Dradis Framework (2.7) in BackTrack 4 R2

Following the series of articles on how to get the Dradis Framework running in different operating systems, this time it is the turn of BackTrack 4 R2.

Note this is almost a re-post of my Running Dradis Framework in BackTrack 4 R2 but updated to 2.7 (instead of 2.6.1).



First, get a download link for the latest Dradis from http://dradisframework.org/downloads.html and download it:

# wget http://downloads.sourceforge.net/dradis/dradis-v2.7.0.tar.bz2

Extract it:

# tar -xvvjf dradis-v2.7.0.tar.bz2


Next we need to update the version of RubyGems installed in BT4:

# gem -v
1.3.1
# gem update --system
[...]
# gem -v
1.7.2


And install the Bundler gem:

# gem install bundler


There is only one missing prerequisite to ensure everything runs smoothly: the development bindings of the libxslt package. You can get them with:


# apt-get install libxslt-dev


Now we are ready to get things going:

# cd dradis-2.7

# ./reset.sh
Your Gemfile's dependencies could not be satisfied
Install missing gems with `bundle install`
Some Ruby gems are missing, do you want to install them now? [y] y

Ok then, I am going to run bundle install for you, then you should run this script again.

Fetching source index for http://rubygems.org/
Installing rake (0.8.7)
Installing RedCloth (4.2.5) with native extensions
Installing abstract (1.0.0)
[...]
Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.


After all the dependencies are installed, we are ready to initialize the database and start the server. However, there is just one thing that has to be changed in the startup scripts.

Edit the last line of reset.sh to look like this:

bundle exec thor dradis:reset

Now we are ready, run the reset script again to generate the database:

# ./reset.sh

And start the server with:

# ./start.sh

Everything should be up and running in: https://127.0.0.1:3004/
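
The reset.sh edit described above can be applied idempotently with a small helper. This is an added example, not part of the original post or of the Dradis project; the function name patch_reset_last_line and the .orig backup suffix are assumptions.

```shell
#!/bin/sh
# Added example: apply the "edit the last line of reset.sh" step safely.
# WANT is the line given in the post; everything else here is illustrative.
WANT='bundle exec thor dradis:reset'

# patch_reset_last_line FILE
# Replaces the last non-blank line of FILE with $WANT.
# Returns 0 if the file was changed or was already correct, 1 on error.
patch_reset_last_line() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    # Number of the last non-blank line, so trailing blank lines are ignored.
    n=$(awk 'NF { last = NR } END { print last + 0 }' "$file")
    [ "$n" -gt 0 ] || { echo "$file has no content" >&2; return 1; }

    current=$(sed -n "${n}p" "$file")
    if [ "$current" = "$WANT" ]; then
        return 0    # already patched: leave the file and any backup untouched
    fi

    # Keep a copy of the shipped script so the change can be reviewed or undone.
    cp -p "$file" "$file.orig" || return 1

    tmp=$(mktemp) || return 1
    awk -v n="$n" -v want="$WANT" \
        'NR == n { print want; next } { print }' "$file" > "$tmp" \
        || { rm -f "$tmp"; return 1; }

    # Write back into the existing file so its executable bit is preserved.
    cat "$tmp" > "$file"
    rm -f "$tmp"
}
```

Call it as `patch_reset_last_line ./reset.sh` from the Dradis directory before running the reset script the second time; the original script is kept as reset.sh.orig.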

Dradis 2.7 released!

  • Improved command line API with Thor (thor -T to view all commands)
  • New Configuration Manager to handle all plugin config settings
  • New Upload Manager that runs uploads in the background and updates the interface through Ajax
  • New plugins:
  • Updated plugins:
    • Nessus plugin supports .nessus v2
    • Vuln::DB import updated to support the latest release
  • Bugs fixed: #2888332, #2973256
  • Update Rails to 3.0.6


Dradis 2.6 released!

  • Improved performance across the board
  • Upgraded libraries: Rails 3 and ExtJS 3.3
  • New First Time User Content showing how to use the interface
  • You still get all the old features
    • HTML and Word reporting plugin.
    • Burp Upload plugin so you can use Burp Scanner output.
    • Nikto Upload plugin to use your Nikto scan results.
    • OSVDB Import plugin straight from the OSVDB.
  • Bugs fixed: #3021312, #3030629, #3076709.


Dradis 2.5.2 released!

  • Improved Note editor: bigger, easier to use and supports formatting!
  • New First Time User Wizard
  • Keep track of all the activity with the built-in RSS feed
  • Plugin improvements

    • New HTML Export reporting plugin.
    • New Burp Upload plugin so you can use Burp Scanner output.
    • New Nikto Upload plugin to use your Nikto scan results.
  • Upgraded libraries: ExtJS 3.1.1, Rails 2.3.5
  • Bugs fixed: #2964273, #2932569, #2963253, #2974460.
  • Security fixes


Dradis 2.5.1 released!

  • Improved Note editor: bigger, easier to use and supports formatting!
  • New First Time User Wizard
  • Keep track of all the activity with the built-in RSS feed
  • Plugin improvements
    • New HTML Export reporting plugin.
    • New Burp Upload plugin so you can use Burp Scanner output.
    • New Nikto Upload plugin to use your Nikto scan results.
  • Upgraded libraries: ExtJS 3.1.1, Rails 2.3.5
  • Bugs fixed: #2964273, #2932569, #2963253.
