Send issues directly from Burp's Scanner into your Dradis project using the REST API.
This guide contains:
This guide assumes that you have Burp Professional Edition installed and activated on your local system. If you don't have Burp Professional Edition installed and activated, please visit the PortSwigger website for more details.
At this time, the Burp-Dradis extension creates Issues, but not the corresponding Evidence. We welcome any pull requests on the burp-dradis GitHub repo for this open-source add-on!
Within the Burp interface, navigate to the Extender tab, open the BApp Store tab, and select the Dradis Framework extension.
Click Download JRuby and download a
.jar file from JRuby.
Back in the Burp interface, navigate to the Extender tab and open the Options tab.
Under Ruby Environment, select the
.jar file from your local system.
Navigate back to the Extender tab, open the BApp Store tab, and click Refresh List.
Select the Dradis Framework extension again and confirm that the Install button is now available.
If the Install button is not available, check the Ruby Environment configuration and the
.jar file that you selected.
Click Install and confirm thaht the Installed checkbox is now selected for Dradis Framework in the list of extensions.
Under the Dradis Framework tab, you'll need to configure several values.
If you don't see the Dradis Framework tab, make sure that you've properly installed the burp-dradis extension.
This is the URL of your Dradis instance. Enter that value into the Dradis URL field in Burp's Dradis Framework tab.
Log in to Dradis and open up your profile by clicking the avatar icon in the top right corner of your screen. Then, select Profile from the dropdown that appears.
On your Profile page, scroll down below Confirm password to find your API token:
Paste that API token value into the API Token field in Burp's Dradis Framework tab.
Find the ID of the Project you want to send the Issues to by examining the URL within Dradis. If the Project ID is 23 the URL will look like
Enter that ID value into the Project ID field in Burp's Dradis Framework tab.
This one is easy! Set it to:
Once you've configured all of the values above, don't forget to click Save before moving on!
First, do your thing! Collect all your data within Burp. Run scans, perform tests, and find issues.
If you see this message, congratulations! You just sent an Issue from Burp to your Dradis Project.
Great job, you reached the end of the guide! Have you read all of them?