Monthly Archives: September 2012

Create a report in minutes with Dradis Pro and VulnDB HQ

How long did it take you to create your last pentest report? Days? Hours? Sounds like too much effort for something that should be 80% automated!

Lets see how you can use Dradis Pro and VulnDB HQ to create a pentest report in minutes.

Tracking progress with Dradis Pro

Everybody tracks progress and makes notes while conducting an assessment. However, using Dradis Pro has a few advantages over other methods (e.g notepad).

First you can use testing methodologies to define the steps you need to cover and track your progress:

Of course this is useful both when you’re working alone and when you’re part of team to ensure there is no overlapping.

If everyone is adding their findings to Dradis Pro’s shared repository, generating the report is one click away (keep reading!).

Adding a few findings from your VulnDB account

Say that today is your lucky day, LDAP injection on the login form! You don’t think this is in your private VulnDB HQ repository but search anyway:

Well, it was not in your private repository, but there is an LDAP injection entry in VulnDB HQ’s Public repository that you can use as a baseline. You import it.

You continue with you hack-fu, find a bunch of issues: cross-site scripting, some SQL injection, Axis2 testing servlet, header injection and a few SSL issues. For each of these, you spend 30 seconds searching VulnDB HQ, importing the issue to your project and tweaking the particulars.

Assign everything to the AdvancedWordExport ready category, and you’re done. Fairly painless, no?

And if Dradis is not your cup of tea (?!) you could always connect your VulnDB HQ account to your own tools using our RESTful API (or the convenient vulndbhq Ruby gem).

Report template

Now, the report. We want a high-quality Word 2010 document that we can easily edit and adapt as time passes.

I won’t get into the nitty-gritty details of template building here (there is a Creating Word reports with DradisReports guide in our support site with step-by-step instructions).

We will use a fairly simple approach, I’ve created a template based of one of Word’s default styles (Home > Styles > Change Style > Formal). Just add the headings you need and a few Content Controls. Here is what ours look like:

It starts with a table with some information about the project (name, client, dates, team, etc.).

Then the Exec Summary with a Conclusions section (sorry, you’ll have to adjust this with your own conclusions!) and a Summary of Findings list which will contain just the Title of each finding.

Then a Technical Details section that contains issue descriptions for each of the vulnerabilities we’ve identified during the report.

Note that you only have to create the template the first time, and then reuse it for every project. The template you see above took me about 10 minutes to create.

One last thing: the properties

Yes, we could add the project specifics like the client name and dates and everything else by hand. However, chances are that your report template is a bit more complex than the one in this example and that you’ll have your client’s name in multiple places and that some of the other information will also be repeated.

Thankfully we can define document properties from within Dradis Pro (see the DradisReports: using custom document properties guide for more information):

There you go. Now we can re-export and voila, the report is complete:

  • Total reporting time: 1 click.
  • Overhead during the test for importing issues from your VulnDB HQ account: ~30 seconds each?

We rest our case.

Would you like to know more?

We recommend you start with:

Upcoming in Dradis Pro v1.6: checklists and methodologies

One of the main benefits of using Dradis Pro is that it simplifies the task of producing consistent results.

We have just introduced a new feature in our development release is support for checklists (yes, you get early access to features before they are shipped in each major release.

This is a big deal for a few reasons:

  • Never forget any steps. No loose ends. Useful even if you’re a freelancer.
  • Great for learning / bringing people up-to-speed.
  • You can create checklists for new technologies the first time around and reuse them months down the line when you need them again.

A few screenshots are in order:

And you can have a pool of checklists and use the one that best fits with each project:

And of course, status is maintained and shared with all team members working with you:

If you are already managing your testing methodologies with VulnDB HQ (What? Can I do that? Of course!), watch this space because seamless integration is around the corner.

Still not a Dradis Pro user?

No problem! You can join dozens of organizations already benefiting from a more consistent approach to security testing.

These are some of the benefits you are missing out:

  • Less time writing reports
  • Provide a consistent experience to your customers
  • Pro is reliable, up-to-date and with comes with quality support

Read more in Why should you give Dradis Professional Edition a try?