Custom Excel Reports

Create an Excel Template

Functions Forever

Generate your Excel Report

Sample files

Debugging your template

Common problems

Export from the command line

Missing content

Failed export

Word error: ambiguous cell mapping

Word error: qualified name

Word error: XML parsing error

Project validation

Validate Content Blocks

Validate document properties

Validate Evidence fields

Validate Issue fields

Validate Screenshots

Advanced reporting options

Creating HTML reports

Creating Excel reports

Export your project to CSV

Creating PDF reports

From a sample report to a Dradis template

From Nessus to Word: a hands-on example

Advanced reporting: filters, groups and properties

Reporting by host, reporting by issue

Creating Word reports with XSL transformations

  1. Support Home
  2. Report
  3. Custom Word reports
  4. Intro. to Word templates

Introduction to Word templates

This page contains:

Dradis Professional reporting engine is, if we can say so ourselves, quite powerful.

In a nutshell, it will match information from your Dradis project with placeholders in your report template.

Report templates are just Word documents

Before moving on to the meat and potatoes of this manual, lets clarify that a Dradis report template is a normal Word document with some placeholders in it that our reporting engine will use.

This is a double win:

  • You can create a report template with Word, and only Word, no external tools, dependencies or trickery.
  • You can convert an existing document into a template by adding the placeholders in the right locations.

The rest of this manual will show you how to do it.

Quick recap on Dradis fields

If you remember from the Working with notes section of the user manual, you have complete freedom to structure your findings.

For example, you could have the following fields:

In this case, Risk would be either High, Medium or Low.

However, this is just a suggestion, you could have any fields that suit you. For example, another popular set among our users: Title / Impact / Likelihood / Description / Remediation / References.

Or you could use the CVSSv2 or DREAD scoring systems.

Placeholders in the template

It doesn't really matter what fields you've got in your Dradis findings.

What matters is that the fields need to match the placeholders in your template.

For example, this would be a perfectly valid Dradis report template:

Ignore the enclosing Issue block for now, and focus on the placeholders inside.

We've got placeholders for all the fields we defined in our issue:

  • Title
  • Risk
  • Description
  • Recommendation

Two sides: the template and the project

Whenever you're working with Dradis reports, like when dealing with The Force, there are always two sides: the template side, and the Dradis project side.

The reporting engine matches these two sides, it outputs data from Dradis into the placeholders defined in the template.

If the fields or the values in your Dradis project don't match up with the fields or values that your report template is looking for, you'll end up with missing content in your exported report.

As you go through and create your report template, we recommend creating issue.txt and evidence.txt template files to help you match up the content in your project with the content that your report template is looking for. More on those later!

Next help article: The Welcome Pack template →

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.