Author Archives: Rachael Carder

Top 10 tables – a custom Dradis script

Leave a reply

Imagine, you scan a few hundred hosts to create a summary report. You want to show data on ports and operating systems without giving the end user hundreds of pages of data. Enter the “Top 10” script!

Credit for this script idea goes to Chris from I.S. Partners. He reached out via the support inbox to see if we could create a “Top 10” script that would do the following:

  1. Create an array of all of the operating systems, ports/protocols, and services in the project
  2. Deduplicate the arrays and count the number of instances
  3. Narrow down the array to the top 10 based on the number of instances
  4. Update a Content Block in the project with a textile table based on each array

The script assumes that you have a Content Block with the Type field set to “Top10” with the following fields:

  • PortScanning
  • OSEnumeration
  • ServiceEnumeration

Head to our scripting repo and check out the “Top 10” script. To use it:

1. SCP the top10.rb file to your instance (e.g. to the /tmp folder)

2. In the browser, find the project ID of the project that you need to update. For example, if your project lives at /pro/projects/123 in the browser, the ID is 123.

3. Run the following in the command line as “dradispro”:
$ cd /opt/dradispro/dradispro/current/
$ RAILS_ENV=production bin/rails runner /tmp/top10.rb <project_id>

You’ll need to sub in your project ID (Step #2 above) for “<project_id>” above! Example:

$ RAILS_ENV=production bin/rails runner /tmp/top10.rb 123

When the script completes, you’ll see this output in the console:

Port Scanning table updated!
Service Enumeration table updated!
OS Enumeration table updated!

After running the script, you can refresh the Top 10 content block to see the updated tables:

Chris reported that with their largest Nessus file (125MB), the script was able to perform the calculations successfully in less than 30 seconds. We’re optimistic about a similar script’s performance with your projects.

This script will need to be adjusted to meet your individual team’s specific requirements and preferences. But, we think it’s a promising option for teams who prefer not to use VBA or want to create similar tables in their Word reports.

If you need any help customizing this script to meet your specific use case, please reach out to our support team. Or, if you have ideas for improvements, please fork the repo and post in our users forum.

New in Dradis Pro v4.11

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Bug Fixes

Dradis v4.11.0 is full of bug fixes and technical updates. You may not see brand new features or changes to the UI but we fixed many, many different things behind the scenes. We also updated some behind-the-scenes aspects like the rails version.

Improved version history

We’ve improved the version history and the way that it displays. Previously, the entire line/paragraph would be marked as changed, even if a single word was changed. Check out the new and improved version!

Fixed liquid dynamic content preview in the editor

We’ve also improved the way that Liquid Dynamic Content previews in the editor

Fixed export crashing with links with trailing special character

Previously, exports would crash if you included a link with a trailing special character. No more!

Fixed link formatting for hyperlinks in inline code blocks

We’ve also fixed the formatting of links inside code blocks so that they appear in the report exactly how you’d expect them to appear.

Release Notes

  • Assets: Add importmap-rails to handle js libraries
  • Liquid: Add LiquidAssignsService
  • nginx: Add HTTP/2 support
  • Revision history: Improve version history for content with carriage return
  • Tylium: Show liquid content in editor preview
  • Web-server: Replace unicorn with puma in production
  • Validation: Display attachment validator errors when viewing/editing a record
  • Flash alert: Allow the ‘license about to expire’ alert to be dismissed for the session
  • Upgraded gems:
    • rails, resque-scheduler
  • Bug fixes:
    • Code blocks: Remove extra padding and background for code elements outside of projects
    • Contributors: Expire one time token after login
    • Evidence: Prevent loading old Evidence template content at the Issue level
    • Methodologies: validate presence of content
  • Integration enhancements:
    • Authentication Integrations: Use the AuthenticationStrategies class for Rails 7 support
    • Burp: Fix compatibility with nokogiri >= 1.15
    • Nexpose:
      • Add port/protocol to evidences
      • Use the details in <os> as the OS node property
      • Import `vulnerability.risk_score` as a new Issue field
      • Allow multiple evidence with the same test id & node address
    • Qualys: Add support for the output for Qualys WAS API 3.13 and later
  • Reporting enhancements:
    • Word:
      • Fix export crashing with links with trailing special characters
      • Skip link formatting for hyperlinks in inline code blocks
  • Security Fixes:
    • Low: Authenticated (author) information disclosure
      • After a user has been removed from a project, they may still get notifications for Issues they were subscribed to, resulting in the disclosure of Issue titles.
    • Low: Information Disclosure in the Output Console of Upload Manager

Not using Dradis Pro?

New in Dradis Pro v4.10

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Validate your projects before your export

How many times have you gone to export a report and realized later that there was an error that the validator caught, you just didn’t validate first? Now, the validation is built into the exporter so that you’ll always get a heads-up about possible problems and can fix them before exporting the report. In the case of false positive validator warnings, you’ll have the option to bypass the errors and continue with the export.

If there are no validation errors, the export will proceed with no extra clicks necessary!

Mappings Manager for Azure DevOps and Jira

What was previously the Plugin Manager is now the Mappings Manager as we’ve extended the functionality to Azure DevOps and Jira. You told us that you usually have a pattern for the data that you send to these external tools. For example, you’d want a specific set of fields from your Dradis issue to go into your Jira card’s description.

The Mappings Manager allows you to configure that mapping so that the next time you send an Issue to Azure DevOps or Jira, the editor will pre-populate with the data from your Issue in the exact format you specified. You’ll still have the ability to edit it before sending the Issue to Azure DevOps or Jira if needed.

Archiving projects

Previously, we had active projects or projects in the Trash and nothing in between. You asked for another way to organize projects and we delivered! Now, you can archive projects as well. Archiving a project does not delete a project, but leaves it in the Archive tab of the Projects view. This way you can maintain an uncluttered view of active projects without needing to send inactive projects to the trash.

New Methodologies REST API endpoint

You can now access Methodology data including Boards, Lists, and Cards via the REST API.

Release Notes

  • Report Template Properties: Add fields with “String” type by default
  • Tylium: Consolidate sidebars
  • Integration Manager:
    • Add error handling for enabling/disabling and installing incompatible files
    • Add the HTML Exporter to the Tools Manager
  • Plugin Manager: Add support for Liquid content in templates
  • Users: Add support for longer TLDs in user emails
  • Projects: Allow archiving of projects
  • Upgraded gems:
    • font-awesome-sass, nokogiri, puma, rails, sanitize, selenium-webdriver
  • Bug fixes:
    • Activity Feed:
    • Correctly render icons for each activity in the feed
    • Export:
    • Prevent exporting reports when the exporter doesn’t have any templates
    • Exclude blank and n/a values from range filters
    • QA: Enable @mentions and formatting toolbar for comments in QA show views
  • Integration enhancements:
    • Azure DevOps: Implement Mappings Manager for Azure DevOps
    • HTML Export
    • Add to the Tools Manager
    • Fix default templates
    • Prevent exporting reports without any HTML templates
    • JIRA
    • Add support for Liquid when sending issues to JIRA
    • Implement Mappings Manager for JIRA
    • Implement ticket assignment when sending issues to JIRA
    • Fix Author authorization when sending an issue to JIRA
    • Send attachments included in an issue to JIRA
    • WPScan: Import “version” findings with status: outdated
  • Reporting enhancements:
    • Word: Validate project before export
  • REST/JSON API enhancements:
    • Boards, Lists, Cards: add initial implementation
  • Security Fixes:
    • Medium: Authenticated (author) broken access control: read access to system files

Not using Dradis Pro?

Dradis v4.8.0 has a Quality Assurance feature to approve Issues and Content Blocks before reporting

New in Dradis Pro v4.8

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Quality Assurance

Review/approve Issues and Content Blocks before including them in reports.

The goal here was to give you a way to differentiate between “I’ve reviewed this issue” and “I haven’t reviewed this issue yet”.

You can use the new QA view to look at your “Ready for review” Issues and Content Blocks and review them before including them in reports.

Then, on the Export page, the default is to export just the Published records. But, you can also export All if that makes more sense for your team’s workflow.

Tester Administration

We’ve also added better in-app tester administration. If a user gets locked out of their account with too many incorrect login attempts, Admin users will now be able to unlock their account with 1 click.

Release Notes

  • Quality Assurance: Review/approve Issues and Content Blocks before including them in reports
  • Tester Administration: Add unlock button to UI for locked Testers
  • Integration enhancements:
    • JIRA: Add support for Jira Data Center v8.4+
  • Upgraded gems:
    • rack, rails, time
  • Bug fixes:
    • Kits: Enable import of kit with no project template
  • Security Fixes:
    • Medium: Authenticated (author) persistent cross-site scripting

Not using Dradis Pro?

New in Dradis Pro v4.7

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Inline Code Support

We already supported code blocks, but now, you can use @ symbols to create in-line code inside of your Dradis project:

When you export this to a Word report that has a custom InlineCode character style, you’ll get that code styled automatically:

Custom Tag Management

Previously, you could create custom tags by editing the XML of the project template directly. That’s still an option if you happen to enjoy dealing with XML. Otherwise, you can now use the UI for that whole process. There’s even a color picker so that you can get just the right shade for your custom tags.

From the project level, you can also manage your tags and create, edit, or delete them as needed:

Opt-in Usage Analytics

Prior to v4.7, we had no way to receive usage data from your instance other than a ping to our licensing server when you first activate the instance. In v4.7, we have rolled out optional usage analytics that you can share with us. Yes, optional!

For full transparency, you can see exactly what you would be sending to us in the event log. It’s all anonymized data like “someone exported a Word report” or “someone logged in as a contributor” that is designed to help us understand how teams are using Dradis and should not reveal anything sensitive, not even your email address.

Of course, you can always opt out of sharing this data with us if you prefer. We’re excited to have a bit more information about how you’re currently using Dradis so that we can make the product even better for everyone in the future.

Release Notes

  • Configurations: Add usage tracking and sharing
  • Content Blocks:
    • Add auto-caching
    • Add image upload button to source view toolbar
  • Issues: Display the results from importers in a Datatable
  • Rubocop CI:
    • disable EnforcedShorthandSyntax rule under Style/HashSyntax cop
  • Tylium:
    • Add breadcrumbs to Revision History view
    • Add secondary sidebar toggling functionality
    • Remove Recent Activity tabs and add View History link to the dots menu
    • Tags: Add tag management
  • Nginx:
    • Remove support for TLSv1.0 and TLSv1.1
    • Add support for TLSv1.3
  • Integration enhancements:
    • Burp: Add support for large base64 response
    • Nessus: Clean up code tags in description fields
    • Netsparker: Add issue.classification_owasp2021 as a new avaiable field
    • JIRA: Fix configurations page requiring JIRA token
    • Remediation Tracker
    • Add a sidebar with a back link and info pane for contributors
    • Hide ticket actions from other addons for contributors
    • SAML: Fix assets on login for some providers
  • Upgraded gems:
    • nokogiri, rails, rails-html-sanitizer, sanitize, sinatra
  • Bug fixes:
    • Business Intelligence: Prevent tracking of discarded projects/teams in dashboard
    • Issues: Prevent multiple action cable subscriptions when going back to the issues table
    • Project: Pre-select the project template when project creation fails
    • Methodologies: Ensure params are validated when moving list/card
    • Issuelib: Avoid partial matches being found when importing tool output
  • Reporting enhancements:
    • Word:
      • Add support for inline code
      • Ignore character properties inside Code paragraphs
      • Use ‘DradisData’ as sheet name for embedded chars
  • REST/JSON API enhancements:
    • Author: Add author field for content blocks, notes, issues, and evidence

Not using Dradis Pro?

New in Dradis Pro v4.4

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Plugin Manager Validation

The Plugin Manager has new validation! Previously, you’d need a file like issue.txt to use when configuring the Plugin Manager. Now, you can simply associate the Plugin Manager with one of the report templates on your Dradis instance. You’ll see a validation check on the right that will tell you about any missing fields as you configure.

Rules Engine Population

Remember that after a tool file is uploaded, the data runs through the Plugin Manager, then hits the Rules Engine. So, we’ve also updated the Rules Engine so that when you build out new Rules, the Match Field trigger is populated with a dropdown of fields that matches what you configured in the Plugin Manager. No more double-checking field names, capitalization, or anything else like that.

Duplicate a Project

Want to start over with a copy of one of your existing projects? Previously, we had the project import/export feature that would work for this but the new Duplicate button streamlines the process significantly. For retests or just starting over with a copy of a project, just hit the Duplicate button and a new project will be automatically created that is identical to the old one.

Bulk Update Issues and Evidence fields

Have you ever run into a situation where you wished that you could edit multiple Issues or instances of Evidence at once? You can now! Just select multiple Issues or instances of Evidence:

Release Notes

  • Login View: Design update
  • Plugin Manager: Add ability to validate plugin templates with report templates
  • Projects: Add ability to clone projects
  • Tylium:
    • Implement bulk updating for issues/evidence fields
    • Improve mobile experience
    • Show the resource title in the header when viewing a resource
  • Upgraded gems:
    • nokogiri, rack, sinatra
  • Bugs fixes:
    • Cards: Prevent adding ‘card’ class to card comments
    • Login: Add button styles for 3rd party login addons
  • Integration enhancements:
    • Rules Engine: Matching fields are now based on the fields defined in the Plugin Manager
  • Reporting enhancements:
    • Word: Assign unique Word IDs to each element in the document.

Not using Dradis Pro?

New in Dradis Pro v4.1

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Move Evidence

Previously, you could only move Notes from one Node to another. Now, we’ve extended this behavior to Evidence as well. Have an instance of Evidence that actually belongs to a different Node? Just open the instance of Evidence, click Move (it’s in the 3 dots icon in the top right of the screen) and move it to the correct Node. That’s it!

Move your Evidence from one Node to another

Download Report Templates

Do you need to make a report template update or send us a copy of the report template? What happens if you didn’t create the report template to begin with or the template is old enough that you don’t even know where your local copy could be hiding? Previously, SCP was your only option to download a copy of a report template on your instance. Now, just head to Templates > Reports in the header and click the download button next to any report template to get your own local copy.

Download report templates via the Dradis UI instead of SCP

IssueLibrary Templates + Comments

IssueLibrary entries are great! But, creating them from scratch can be a pain without a format to work with. Now, when you create your IssueLibrary entries, you can select a Note template. No more blank page paralysis or trying to remember whether that field is called “Recommendation” or “Recommendations”, you can select your Issue template and just populate it with the data that you need.

Apply a Note template the next time you create a new IssueLibrary entry

Then, once your IssueLibrary entries are created, you can use comments to have a conversation with the rest of your team. Ask questions, offer suggestions, or just leave celebratory emoji comments! 🎉

Leave comments on IssueLibrary entries to have a conversation with the rest of your team

Release Notes

  • Contributors:
    • Create a new Team (optionally) when creating a new Contributor
  • Editor:
    • Insert an appropriate single or multiline tag for blockquotes and code blocks
    • Limit the content height for easier access to the Create/Update button
    • Quote text from comments and resource content (cards, evidence, issues, notes, etc)
  • Evidence:
    • Create a new issue (optionally) when creating new evidence
    • Move evidence across nodes
  • Liquid drops:
    • Add available_properties method to DocumentProperties drop
  • Projects:
    • Sort templates by title in project form
  • Project Validation:
    • Add missing attachments validation for Textile screenshots
  • Report templates:
    • Add functionality to download templates
  • Report Template Properties validation
    • Disable bulk validation in Issues and Evidence tables if the “Validation” column is hidden
    • Move bulk validation in Issues and Evidence tables to a background job
  • Tables:
    • Add selector to change the number of records displayed
  • Tylium:
    • Import CSS manifests from addons
    • Remove height restriction from code blocks
  • Upgraded gems:
    • brakeman, nokogiri, puma, rails
  • Bugs fixes:
    • Account Lockout:
      • Send password reset instructions on account lockout
    • Conflict resolver
      • Apply the correct warning when a conflict happens on edit
    • Custom Properties:
      • Remove Custom project properties header in team show
    • Document Properties
      • Allow document properties to have a value and be nested at the same time.
    • Methodologies:
      • Ensure boards don’t nest when the instance has been inactive
    • Nodes:
      • Remove extra HTML tag causing the methodology tab to break after a board is added
    • Tables
      • Prevent columns state from resetting
  • Integration enhancements:
    • CVSS Calculator:
      • Settings: show/hide the calculator in the Issues view
      • Toggle between CVSSv3.0 and CVSSv3.1
    • Dread Calculator:
      • Settings: show/hide the calculator in the Issues view
    • Gateway
      • Deliverables:
        • Allow macro enabled word and excel filetypes
        • Allow the CSV filetype
      • Projects:
        • Add “Created” and “Updated” columns to the Gateway projects table
        • Show theme versions when selecting a project theme
      • Themes:
        • Atlantia:
          • Check for the existence of document properties before rendering the value
          • Remove newlines from issue titles
          • Show untagged issues
          • Wrap text in code blocks
      • Bug fixes:
        • Allow Authors to enable their own projects for Gateway
    • Issue Library:
      • Add comments to entries
      • Add subscriptions to entries
      • Create entry from note templates
      • Notify users of updates
    • Jira:
      • Bugs fixes:
        • Issue form: Prevent app from crashing when submitting without project or issue type
    • Nessus:
      • Add product_coverage & cvss3_impact_score as available Issue fields
    • Nexpose:
      • Update HTML tag cleanup to better cover UnorderedList and URLLink tags in the solution field
    • Qualys:
      • Add dd, dt support
      • Remove orphaned b tags
    • Remediation Tracker: Tickets: Create new categories and states (optionally) when creating new tickets
  • Reporting enhancements:
    • Word:
      • Adds EvidenceCounter controls support to not nested in an Issue controls
      • Fixes exporting with missing attachments
      • Fixes invalid predicate error by escaping control characters in XML attributes
      • Fixes links inside inline controls
      • Fixes numeric values for non-range filters
      • Fixes “frozen string” error when exporting nodes without a services table
      • Move image captions to their own paragraph
  • Security Fixes:
    • High: Authenticated author broken access control: read access to issue content

Not using Dradis Pro?

New in Dradis Pro v3.8

Leave a reply

Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Per-Tool Permissions

Before Dradis Pro v3.8.0, Admins had access to everything and Authors had access to a subset of features. Now, you can give specific Author users permission to use the tools they need. And, you can give them just the level of access that they need.

Give each Author tool-specific permissions

Each Author can be given access to specific projects. And, for tools like the IssueLibrary, the Rules Engine, or premium tools like the Remediation Tracker, Authors can be given action-based permissions. Do you only want Author #1 to be able to Read IssueLibrary entries but not create, update, or destroy them? You can do that! Do you want Author #2 to have full control over the Rules Engine? You can do that too!

AffectedCount and AffectedList controls

We’ve had the Affected content control for a long time. The Affected control exports a de-duplicated list of comma-separated Nodes for a specific Issue. But, what about if you needed each de-duplicated Node on a new line or in a bullet list? Or, what if you need to count the number of affected Nodes for your Issue?

We’ve rolled out 2 new content controls: AffectedList and AffectedCount. As you can see in the before/after example below, the AffectedList will export the same data as the old Affected content control, just in a list format. And, the AffectedCount will output the number of unique Nodes that the Issue is associated with.

The AffectedList and AffectedCount content controls can be used in your Word report templates

Do you need help updating your report template to use these new content controls? Email our support team and we’d be happy to help!

Project List table

We’ve also updated the Projects page to help you find that one Project you’re looking for. Your most recent projects will appear at the top of the screen as always. But, at the bottom, there’s now a sortable and filterable table. Click the column headings to sort the table by that field. Click the 2 columns dropdown to display different fields. And, type in a keyword to filter the table and display a subset of Projects.

The Projects Page now contains a sortable and filterable table

Release Notes

  • Add all activity view
  • Give dynamic columns, sorting and filtering to project list table
  • New Per-Tool Permissions
    • Premier the new project permission panel for testers
    • Introduce permission management for Issue Library, Rules Engine, and Remediation Tracker
  • Remove inconsistent content blocks breadcrumb
  • Render markup inside table columns
  • Update top navigation link styles and collapsed menu
  • Upgraded gems: rack, sanitize, sassc
  • Bugs fixed:
    • Comments:
    • Removes the edit link while editing
    • Fixes lingering comment borders after deleting comments
    • Resolves broken OVA and DUP upgrades on VM’s running in ESXi
    • Prevent icon overlap of long headers in secondary sidebar
    • Fixes overflow of long unbroken table cell text
    • Prevent text overflow on to select areas
    • Word report generation no longer errors with extra document properties
  • Integration enhancements:
    • IssueLib: markup rendered in columns
  • Reporting enhancements:
    • Excel: add Tag column
    • Word
      • New AffectedCount content control
      • New AffectedList content control (one host per line)
      • Update exported tables to have 100% width by default

Not using Dradis Pro on your team?

Year in Review – a future Dradis feature

Leave a reply

How many Dradis projects did you create this year? How many Issues did you find? Which were the most commonly found Issues? What was the most common severity of the Issues that you found?

Credit for this script idea goes to Marc Ligthart. His teammate reached out via the support inbox to see if we could create a quick “Year in Review” script that would list out the following:

1. Count of Projects created this year
2. Total Critical/High/Medium/Low Issues (by Tag)
3. Top 10 most found Issues (by title)
4. Top 10 most found Critical/High/Medium Issues (by title)

Dradis year in review script output example
Example output from the year in review script

You can already head over to our scripting repo and check out the Year in Review script. To use it:

1. SCP the file you your instance (e.g. to the /tmp folder)

2. Run the following in the command line as “dradispro”:
$ cd /opt/dradispro/dradispro/current/
$ RAILS_ENV=production bundle exec rails runner /tmp/year_in_review.rb

The output will list out the yearly review for all of the projects present on your Dradis instance.

Now, for the fun part? We want your feedback. If you like this idea, you’ll like version 2.0 even better. We want to include this functionality as part of the existing Business Intelligence Dashboard within Dradis. But first, we want to hear from you. What else would you like to see in a summary view like this in the BI Dashboard? What other metrics would be helpful for your team or what isn’t particularly useful about the current output? Please email our support team directly with feedback! We’re excited to continue working with you in 2020 and get you some more valuable insights into your Dradis usage along the way.

Comments, notifications, & subscriptions

Leave a reply

Efficiently collaborate with your team using comments, notifications, and subscriptions inside of Dradis.

We heard you. There are times that you need to discuss a Dradis project with your team. Gone are the days of jumping on Slack or sending an email with a question or request for edits. Instead, leave a comment! Keep all of your Dradis talk inside Dradis.

Comments, notifications, and subscriptions are brand new in Dradis Community Edition (CE) v3.10 (and coming in the next release of Dradis Pro!).

Let’s jump straight into an example of how these new features improve team collaboration:

I’m working on Dradis CE (username rachkor) and have a question for another team member (username daniel). He wrote up a new Issue, but I think that the solution needs expanding. Instead of writing an email or finding him on chat, I scroll to the comment form at the bottom of the Issue:

Add comments to your Dradis Issues

Not only can I comment on the Issue, but I can also mention @daniel by name:

Mention other Dradis users in your comments

The next time Daniel logs in to Dradis, he’ll be greeted by a notification from me:

Get notifications from any mentions in Dradis comments

Comments are included in the Recent activity feed so that you can keep up with your team as a whole, even if you aren’t involved in a specific conversation.

When you comment on an Issue or a teammate mentions you in a comment, you’ll be automatically subscribed to that Issue. If you need to subscribe (or unsubscribe!) from notifications on a specific Issue, click the subscribe/unsubscribe button:

Subscribe or unsubscribe from comment notifications

We’re excited to unveil this new phase of collaboration within Dradis and can’t wait to hear what you think! Want to check it out? Grab the latest version of Dradis CE from GitHub with these instructions and test out the comments, notifications, and subscriptions. These new features will ship in the next release of Dradis Pro. If you’re a Pro user, stay tuned for a release notice soon!

Not using Dradis yet? Learn more about the Dradis Framework and all the time you could save.