Sharing information with the Dradis framework
In our previous recipes, we learned several techniques for gaining information about our target. While performing penetration tests, we may need to share information with other pen-testers which may be located at other physical locations. In that case, sharing the penetration testing information can be made easier by using the Dradis framework. It is an open source framework for sharing information during security assessments. It has several features which makes it an excellent information-sharing tool. Some of them are:
- Communicating over SSL
- Attachment of files and notes
- Import scan results from Nessus, NeXpose, and so on
- Can be extended to connect with external systems like a vulnerability database ...