Dradis: InfoSec Collaboration Framework


Four main goals have driven, and will continue to drive, the development of Dradis. The system should:

  • share information effectively. Information should be available to all the clients without extra effort.
  • be easy to use and easy to adopt. Otherwise it would present little benefit over other systems.
  • be flexible. It needs a powerful and simple extensions interface. In order for it to grow, users should be able to extend it with their own modules.
  • be small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS).

The main benefits derived from the use of Dradis are:

  • information is organized
  • it saves time, both while testing and while reporting
  • the knowledge is effectively shared
  • it is also good for one-man testing: it helps structure what has been covered so far and what else needs to be covered.

Both the client and the server are developed using Ruby. The server uses the Ruby on Rails (RoR) framework, which is a database-independent MVC framework that provides both a web and a web service interface.

The client communicates with the server using REST web services over SSL. As a result, nothing prevents the development of new clients using different languages.

Two flavours of client interface have been developed: a console interface (ruby dradis.rb) for the hardcore testers and a GUI interface (ruby dradis.rb -g) that uses the wxRuby library.

All components of Dradis are platform independent. The system has been developed using Debian GNU/Linux but has been tested and is known to work on at least Ubuntu/Kubuntu, Gentoo, Mac OS X and Windows.


