Welcome to the Dradis Framework

Dradis is an open-source collaboration framework, tailored to InfoSec teams.

To try Dradis Community, you can deploy your own instance (you will need accounts in the cloud providers to get started).

Our goals

• Share the information effectively.
• Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems.
• Flexible: with a powerful and simple extensions interface.
• Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS).

Some of the features:

• Platform independent
• Markup support for the notes: text styles, code blocks, images, links, etc.
• Integration with existing systems and tools:
  • Brakeman
  • Burp Suite
  • MediaWiki
  • Metasploit
  • Nessus
  • NeXpose
  • Nikto
  • Nmap
  • OpenVAS
  • Qualys
  • SAINT
  • Zed Attack Proxy
  • ...
  • Full list

Editions

There are two editions of Dradis Framework:

• Dradis Framework Community Edition (CE): open-source and available freely under the GPLv2 license.
• Dradis Framework Professional Edition (Pro): includes extra features that are more useful for organizations dealing with bigger teams and multiple projects at a time. To use Pro and get official support please become a subscriber.

Getting started: Community Edition

From Git (recommended)

Installing Dradis from Git

Using Docker

If you'd like to use Dradis in Docker, first get the latest image:

docker image pull dradis/dradis-ce:latest

And then run the container:

docker run -it -p 3000:3000 dradis/dradis-ce

Getting help

• https://dradis.com/support/
• Community Forums
• Slack channel
• IRC: #dradis irc.freenode.org

Contributing

Please see CONTRIBUTING.md for details.

Many thanks to all Dradis Framework contributors. Dradis has been around since 2007, and in 2016 we had to do some nasty Git gymnastics resulting in a lot of the previous SVN + Git history no longer being available in the current repo. We haven't deleted it though, and we're still very much grateful for the work of our former contributors.

Branching model

We're following Vincent Driessen's A successful Git branching model to try to keep things organized.

In this repo we will have: master, develop, release- and hotfix- branches.

If you need to work on a feature branch, fork the repo and work on your own copy. We can check it from there. Eventually you'll merge to your develop and back to origin's develop.

Community Projects

• check-user-pwned-dradis by GoVanguard: Searches for compromised emails across data breaches and creates Dradis Issues
• csv-data-import-dradis by GoVanguard: Imports Issues, Nodes, Evidence, and Notes from a CSV file into Dradis
• PyDradis by Novacoast: Python wrapper for the Dradis REST API

Have you built a Dradis connector, add-on, or extension? Contact us so that we can feature it here.

License

Dradis Framework Community Edition is released under GNU General Public License version 2.0

Dradis Framework Professional Edition is released under a commercial license.

We're hiring

If you love open source, Ruby on Rails and would like to have a lot of freedom and autonomy in your work, maybe you should consider joining our team to make Dradis even better.