The Administrator role

Managing users

Enabling / disabling sign ups

Working with teams

Working with projects

The Instance-wide Trash

Integration and Tool Manager

Project Scheduler

The Business Intelligence Dashboard

The Remediation Tracker

The Mappings Manager

The Rules Engine

The IssueLibrary

Report templates

Report template properties

Note templates

Project templates

Methodology templates

Kit Uploads

System settings

Upgrading the app

Customizations and Configurations

Re-encrypt your LUKS-encrypted disk and generate a new volume key

Automatically unlock your LUKS-encrypted drive

Change your LUKs-encrypted drive's passphrase

Change default CIC password

Set up SSL certificates so that upgrades won't override them

Set up SSL certificates with Let's Encrypt

Increase the number of puma threads

Increase the number of export worker processes

Set maximum login attempts

Increase session timeout period

Usage analytics sharing

Configure the mail server

Configure the Burp-Dradis Extension

Connecting Dradis to MediaWiki

Enable extra import add-ons

API basics

Teams endpoint

Users endpoint

Projects endpoint

Nodes endpoint

Issues endpoint

Evidence endpoint

Content Blocks endpoint

Notes endpoint

Attachments endpoint

Document Properties endpoint

Methodologies endpoint

IssueLibrary endpoint

Intro to the Command Line Interface

User's guide to the Dradis Console

Upload tool output from the command line

[scripting] Find projects with XSS issues

[scripting] Find Issues added in the past 24 hours

[scripting] Statistics on Issues and Projects

[scripting] From Nessus output to custom report

[scripting] Update your IssueLibrary entries

Intro to the BI Dashboard

Custom Team Properties

Custom Project Properties

From Properties to Metrics

Trend Analysis

Intro to Liquid Gateway Themes

Creating Liquid Gateway Themes

Using Liquid Gateway Themes

  1. Support Home
  2. Collaborate
  3. Working with projects
  4. Using Nodes

Using Nodes

This page contains:

Nodes are containers, similar to "folders" in a file system.

Most of the information in a Dradis project is associated with a Node including: notes, attachments, and evidence.

Structuring your project

Depending on the type of security assessment you're working on, you'll want to structure your project in a different way. Here are two sample project structures:

Mobile app assessment

Network assessment

You can nest your nodes to create a tree structure.

Nodes are simply containers without any meaning attached to them. They can represent anything: hosts, wireless networks, areas of the attack surface, OWASP categories... you get the idea.

Adding top-level Nodes

Add new root branches to the tree using the + symbol in the sidebar:

Add one Node

In the pop-up that appears, select Add one to add a single top-level Node to your project. Give the node a label and select an Icon if desired. Then, click Add to create the node.

Add multiple Nodes

To create more than one node at the same time, select Add multiple. Type or paste a list of the nodes you want to create into the editor window. Make sure to add each new node on a new line. Select an Icon if desired, then click Add to create all of your nodes at the same time.

Modifying, deleting, merging, and moving nodes

Once you click on a node, you can perform several operations using the top menu, including:

  • Adding a child node. Click + Add subnode and use the process described above to add a single subnode or add multiple subnodes.

  • Destroying it by clicking Delete. Remember that you can restore deleted content later with the Trash feature.

  • Edit the node label by clicking Rename.

  • Change the nodes place in the tree structure by clicking Move.

  • Merge the node with another by clicking Merge. Merging will carry over all Notes, Evidence, Attachments, and Activities from the source node into the target node.

Inside a Node

Once you click on a Node, in the contextual sidebar you'll find:


Notes

Use them as scrap paper, for random ideas, things you want to remember, TODOs, etc.

Learn more about working with Notes

Evidence

When you find a vulnerability, you typically associate it with a Node to link the Issue to the location (Node) in the project. In the Evidence section you include the specifics. For example:

  • what is the problem?
  • In what URL / parameter?
  • In what file / line of code?

The details you include in the evidence will depend of the type of assessment (and your report template).

Learn more about working with Evidence

Attachments

These are files you upload. Typically: screenshots, raw console output captures, files you got from the server, etc.

Learn more about working with Attachments

Inside the Node you can also access a table of all the Evidence or all of the Notes associated with the Node. This allows you to Filter the table, display the fields that you need to see, as well as delete multiple instances of Evidence at the same time.

There is also a Methodology tab where you can add a node-level methodology.

Learn more about working with Methodologies

Next help article: Node properties →

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.