dradis / Dradis Ce
Licence: gpl-2.0
Dradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443
Programming Languages
ruby
36898 projects - #4 most used programming language
Projects that are alternatives of or similar to Dradis Ce
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+621.9%)
Mutual labels: collaboration, pentesting, penetration-testing, infosec, security-audit
Pwndoc
Pentest Report Generator
Stars: ✭ 417 (-5.87%)
Mutual labels: collaboration, penetration-testing, infosec, security-audit
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-86%)
Mutual labels: pentesting, penetration-testing, infosec, security-audit
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-58.92%)
Mutual labels: pentesting, penetration-testing, infosec, security-audit
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-84.65%)
Mutual labels: pentesting, penetration-testing, infosec
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+96.39%)
Mutual labels: pentesting, penetration-testing, infosec
Horn3t
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-72.91%)
Mutual labels: pentesting, penetration-testing, security-audit
Securitymanageframwork
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-14.67%)
Mutual labels: pentesting, infosec, security-audit
Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+53.05%)
Mutual labels: pentesting, penetration-testing, infosec
Zap Cli
A simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-62.53%)
Mutual labels: pentesting, penetration-testing, security-audit
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+839.5%)
Mutual labels: pentesting, penetration-testing, infosec
Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (-11.74%)
Mutual labels: pentesting, penetration-testing, infosec
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+522.57%)
Mutual labels: pentesting, penetration-testing, infosec
Archstrike
An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (-9.48%)
Mutual labels: pentesting, penetration-testing, security-audit
Pentest Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-79.91%)
Mutual labels: pentesting, penetration-testing, security-audit
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (-61.17%)
Mutual labels: pentesting, penetration-testing, infosec
Habu
Hacking Toolkit
Stars: ✭ 635 (+43.34%)
Mutual labels: pentesting, penetration-testing, security-audit
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+1535.67%)
Mutual labels: pentesting, penetration-testing, infosec
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+526.41%)
Mutual labels: pentesting, penetration-testing, infosec
Welcome to the Dradis Framework
Dradis is an open-source collaboration framework, tailored to InfoSec teams.
Our goals
- Share the information effectively.
- Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems.
- Flexible: with a powerful and simple extensions interface.
- Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS).
Some of the features:
- Platform independent
- Markup support for the notes: text styles, code blocks, images, links, etc.
- Integration with existing systems and tools:
Editions
There are two editions of Dradis Framework:
- Dradis Framework Community Edition (CE): open-source and available freely under the GPLv2 license.
- Dradis Framework Professional Edition (Pro): includes extra features that are more useful for organizations dealing with bigger teams and multiple projects at a time. To use Pro and get official support please become a subscriber.
Getting started: Community Edition
Git release (recommended)
$ git clone https://github.com/dradis/dradis-ce.git
$ cd dradis-ce/
$ ruby bin/setup
$ bundle exec rails server
You can browse to the app at http://localhost:3000/
Using Vagrant
If you'd like to use dradis in Vagrant, you can use the included Vagrantfile.
# Clone the repo
git clone https://github.com/dradis/dradis-ce.git
# install/start the vagrant box
vagrant up
# ssh into the box
vagrant ssh
# install ruby in the vagrant box
cd /dradis/dradis-ce
rvm install "$(cat .ruby-version)"
# Then you can proceed with standard setup from within Vagrant
ruby bin/setup
# You'll need to tell the server to bind to 0.0.0.0 for port forwarding:
bundle exec rails server -b 0.0.0.0
Stable release
In https://dradisframework.com/ce/download.html you will find the latest packages.
Getting help
- http://dradisframework.org/
- Community Forums
- Slack channel
- IRC: #dradis
irc.freenode.org
Contributing
Please see CONTRIBUTING.md for details.
Many thanks to all Dradis Framework contributors. Dradis has been around since 2007, and in 2016 we had to do some nasty Git gymnastics resulting in a lot of the previous SVN + Git history no longer being available in the current repo. We haven't deleted it though, and we're still very much grateful for the work of our former contributors.
Branching model
We're following Vincent Driessen's A successful Git branching model to try to keep things organized.
In this repo we will have: master, develop, release- and hotfix- branches.
If you need to work on a feature branch, fork the repo and work on your own copy. We can check it from there. Eventually you'll merge to your develop and back to origin's develop.
Community Projects
- check-user-pwned-dradis by GoVanguard: Searches for compromised emails across data breaches and creates Dradis Issues
- csv-data-import-dradis by GoVanguard: Imports Issues, Nodes, Evidence, and Notes from a CSV file into Dradis
- PyDradis by Novacoast: Python wrapper for the Dradis REST API
Have you built a Dradis connector, add-on, or extension? Contact us so that we can feature it here.
License
Dradis Framework Community Edition is released under GNU General Public License version 2.0
Dradis Framework Professional Edition is released under a commercial license.
We're hiring
If you love open source, Ruby on Rails and would like to have a lot of freedom and autonomy in your work, maybe you should consider joining our team to make Dradis even better.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].