Supported Tools

The Plugin Manager can work with the output of many different tools/plugins but not all of them are supported in the same way. Check the list below to see what tools are included in the Plugin Manager as well as a list of all available templates and fields.

The Templates

The Plugin Manager can customize multiple templates for each Tool (e.g. one template for the Issues, another for the Evidence, etc.)

Plugin 03

Customize each template separately to get the exact output that you need for your report template. More on the specifics of integrating with your report template later.

The Fields

Each supported plugin has a list of fields that you can automatically import into your plugin template. Click on Available fields to view a popup of all the fields that the plugin supports.

Plugin 02

The combination of plugin templates and plugin fields take in your uploaded tool output and create a new Note, Issue, or Evidence in Dradis, customized exactly how you need it to be.

What does this template create when I upload my file?

You'll notice that each of the Supported Tools has a different naming convention for the different templates. These names match up with the field names within the different tool outputs. For example, the Nessus Report Item template corresponds to the data available in the ReportItem tags in the .nessus file.

Dradis::Plugins::Acunetix

The Report Item template defines Issue fields

The following fields are available:

report_item.name
report_item.module_name
report_item.severity
report_item.type
report_item.impact
report_item.description
report_item.detailed_information
report_item.recommendation
report_item.request
report_item.response
report_item.cvss_descriptor
report_item.cvss_score
report_item.cvss3_descriptor
report_item.cvss3_score
report_item.cvss3_tempscore
report_item.cvss3_envscore
report_item.cve_list
report_item.references

The Evidence template defines Evidence fields

The following fields are available:

evidence.details
evidence.affects
evidence.parameter
evidence.aop_source_file
evidence.aop_source_line
evidence.aop_additional
evidence.is_false_positive

The Scan template defines the fields for a Note set to the Default category on each Node.

The following fields are available:

scan.name
scan.short_name
scan.start_url
scan.start_time
scan.finish_time
scan.scan_time
scan.aborted
scan.responsive
scan.banner
scan.os
scan.web_server
scan.technologies

Dradis::Plugins::Brakeman

The Warning template defines the fields for a Note set to the Default category

The following fields are available:

warning.warning_type
warning.warning_code
warning.fingerprint
warning.message
warning.file
warning.line
warning.link
warning.code
warning.render_path
warning.location_type
warning.location_class
warning.location_method
warning.user_input
warning.confidence

The Scan info template defines the fields for a Note set to the Default category

The following fields are available:

scan_info.app_path
scan_info.rails_version
scan_info.security_warnings
scan_info.start_time
scan_info.end_time
scan_info.duration
scan_info.number_of_controllers
scan_info.number_of_models
scan_info.number_of_templates
scan_info.ruby_version
scan_info.brakeman_version

Dradis::Plugins::Burp

The Evidence template defines Evidence fields

The following fields are available:

issue.host
issue.path
issue.location
issue.severity
issue.confidence
issue.request
issue.response
issue.detail

The Issue template defines Issue fields

The following fields are available:

issue.name
issue.background
issue.remediation_background
issue.detail
issue.remediation_detail
issue.references
issue.vulnerability_classifications

The Html Evidence template defines fields for the instances of Evidence that are created when you upload a Burp HTML report. If you're uploading a Burp XML file, configure the Evidence template instead.

The following fields are available:

issue.host
issue.path
issue.location
issue.severity
issue.confidence
issue.request
issue.request_1
issue.request_2
issue.request_3
issue.response
issue.response_1
issue.response_2
issue.response_3

Dradis::Plugins::Metasploit

The Host Note template defines the fields for a Note set to the Default category

The following fields are available:

host_note.id
host_note.ntype
host_note.data

Dradis::Plugins::Nessus

The Evidence template defines Evidence fields

compliance.cm_actual_value
compliance.cm_audit_file
compliance.cm_check_id
compliance.cm_check_name
compliance.cm_info
compliance.cm_output
compliance.cm_policy_value
compliance.cm_reference
compliance.cm_result
compliance.cm_see_also
compliance.cm_solution
evidence.plugin_output
evidence.port
evidence.protocol
evidence.svc_name
evidence.severity
report_item.plugin_name

The Report item template defines Issue fields

The following fields are available:

report_item.port
report_item.svc_name
report_item.protocol
report_item.severity
report_item.plugin_id
report_item.plugin_name
report_item.plugin_family
report_item.exploitability_ease
report_item.vuln_publication_date
report_item.exploit_framework_canvas
report_item.exploit_framework_metasploit
report_item.exploit_framework_core
report_item.solution
report_item.risk_factor
report_item.description
report_item.plugin_publication_date
report_item.metasploit_name
report_item.cvss_vector
report_item.cvss3_vector
report_item.cvss_temporal_vector
report_item.cvss_temporal_score
report_item.cvss_base_score
report_item.cvss3_base_score
report_item.synopsis
report_item.exploit_available
report_item.patch_publication_date
report_item.plugin_modification_date
report_item.plugin_output
report_item.plugin_version
report_item.bid_entries
report_item.cve_entries
report_item.see_also_entries
report_item.xref_entries

The Report host template defines the fields for a Note set to the Default category on each Node

The following fields are available:

report_host.name
report_host.ip
report_host.fqdn
report_host.operating_system
report_host.mac_address
report_host.netbios_name
report_host.scan_start_time
report_host.scan_stop_time

Dradis::Plugins::Netsparker

The Evidence template defines Evidence fields

The following fields are available:

evidence.rawrequest
evidence.rawresponse
evidence.url
evidence.vulnerableparameter
evidence.vulnerableparametertype
evidence.vulnerableparametervalue

The Issue template defines Issue fields

The following fields are available:

issue.actions_to_take
issue.certainty
issue.classification_capec
issue.classification_cvss_vector
issue.classification_cvss_base_value
issue.classification_cvss_base_severity
issue.classification_cvss_environmental_value
issue.classification_cvss_environmental_severity
issue.classification_cvss_temporal_value
issue.classification_cvss_temporal_severity
issue.classification_cwe
issue.classification_hipaa
issue.classification_owasp2013
issue.classification_owasp2017
issue.classification_owasppc
issue.classification_pci31
issue.classification_pci32
issue.classification_wasc
issue.description
issue.external_references
issue.extrainformation
issue.impact
issue.knownvulnerabilities
issue.remedy
issue.remedy_references
issue.required_skills_for_exploitation
issue.severity
issue.title
issue.type

Dradis::Plugins::Nexpose

The Full evidence template defines Evidence fields

The following fields are available:

evidence.id
evidence.status
evidence.content

The Full vulnerability template defines Issue fields

The following fields are available:

vulnerability.added
vulnerability.cvss_score
vulnerability.cvss_vector
vulnerability.description
vulnerability.modified
vulnerability.nexpose_id
vulnerability.pci_severity
vulnerability.published
vulnerability.references
vulnerability.severity
vulnerability.solution
vulnerability.tags
vulnerability.title

The Full Scan template defines the fields for a Note set to the Default category on the Nexpose Scan Summary Node

The following fields are available:

scan.end_time
scan.name
scan.scan_id
scan.start_time
scan.status

For a simple scan format, the Simple port template defines the fields for a Note set to the Default category for each Port associated with a specific Host (e.g. Node)

The following fields are available:

port.finding
port.id

For a full scan format, the Full service template defines the fields for a Note set to the Default category for each Service associated with a specific Host (e.g. Node)

The following fields are available:

service.configurations
service.fingerprints
service.name
service.tests

The Full node template defines the fields for a Note set to the Default category on each Node

The following fields are available:

node.address
node.device_id
node.fingerprints
node.hardware_address
node.names
node.tests
node.site_name
node.status
node.software

Dradis::Plugins::Nikto

The Evidence template defines Evidence fields

The following fields are available:

item.request_method
item.uri
item.namelink
item.iplink

The Item template defines Issue fields

The following fields are available:

item.id
item.request_method
item.osvdbid
item.osvdblink
item.description
item.uri
item.namelink
item.iplink

The Scan template defines the fields for a Note set to the Default category on each Node

The following fields are available:

scan.filename
scan.targetip
scan.targethostname
scan.targetport
scan.targetbanner
scan.starttime
scan.sitename
scan.siteip
scan.hostheader
scan.errors
scan.checks

The SSL template defines the fields for a Note set to the Default category on each Node

The following fields are available:

ssl.ciphers
ssl.issuers
ssl.info

Dradis::Plugins::Nmap

The Host template defines the fields for a Note set to the Default category on each Node

The following fields are available:

host.hostnames
host.ip
host.service_table
host.os

The Port template defines the fields for a Note set to the Default category for each Port associated with a specific Host (e.g. Node)

The following fields are available:

port.number
port.protocol
port.state
port.reason
port.service.name
port.service.product
port.service.tunnel
port.service.version
port.host

Dradis::Plugins::NTOSpider

The Evidence template defines Evidence fields

The following fields are available:

evidence.web_site
evidence.vuln_url
evidence.normalized_url
evidence.vuln_param

The Vuln template defines Issue fields

The following fields are available:

vuln.attack_class
vuln.attack_score
vuln.attack_type
vuln.attack_value
vuln.capec
vuln.cwe_id
vuln.description
vuln.dissa_asc
vuln.normalized_url
vuln.oval
vuln.owasp2007
vuln.owasp2010
vuln.owasp2013
vuln.recommendation
vuln.vuln_method
vuln.vuln_param
vuln.vuln_type
vuln.vuln_url

Dradis::Plugins::OpenVAS

The Evidence template defines Evidence fields

The following fields are available:

evidence.port
evidence.description

The Result template defines Issue fields

The following fields are available:

result.threat
result.description
result.original_threat
result.notes
result.overrides
result.name
result.cvss_base
result.cvss_base_vector
result.risk_factor
result.cve
result.bid
result.xref
result.summary
result.insight
result.info_gathered
result.impact
result.impact_level
result.affected_software
result.solution

Dradis::Plugins::Qualys

The Evidence template defines Evidence fields

The following fields are available:

evidence.cat_fqdn
evidence.cat_misc
evidence.cat_port
evidence.cat_protocol
evidence.cat_value
evidence.result

The Element template defines Issue fields

The following fields are available:

element.number
element.severity
element.cveid
element.title
element.last_update
element.cvss_base
element.cvss_temporal
element.pci_flag
element.vendor_reference_list
element.cve_id_list
element.bugtraq_id_list
element.diagnosis
element.consequence
element.solution
element.compliance
element.result

Dradis::Plugins::Saint

The Evidence template defines Evidence fields

The following fields are available:

evidence.port
evidence.severity
evidence.class
evidence.cve
evidence.cvss_base_score

The Vulnerability template defines Issue fields

The following fields are available:

vulnerability.description
vulnerability.hostname
vulnerability.ipaddr
vulnerability.hosttype
vulnerability.scan_time
vulnerability.status
vulnerability.severity
vulnerability.cve
vulnerability.cvss_base_score
vulnerability.impact
vulnerability.background
vulnerability.problem
vulnerability.resolution
vulnerability.reference

Dradis::Plugins::Zap

The Evidence template defines Evidence fields

The following fields are available:

evidence.uri
evidence.param
evidence.attack

The Issue template defines Issue fields

The following fields are available:

issue.pluginid
issue.alert
issue.riskcode
issue.confidence
issue.riskdesc
issue.desc
issue.count
issue.solution
issue.otherinfo
issue.reference
issue.cweid
issue.wascid

Now that you understand how the Plugin Manager uses Tools, Templates, and Fields together to customize your findings, let's move on and integrate the Plugin Manager with YOUR report template.