Re: [tool] dradis v2.0 released

[etd <etd () nomejortu com>]

Hi,

Thank you very much for your feedback. We are excited about getting this
kind of input to guide the dradis development to a well tailored
solution. In response to the points you rise:

> > 1.Opening the client end ( console) and typing help doesn't have
> > certain registered commands available in the previous version like
> > add.Without this i feel the client end (console) is of no use.

We have been refactoring the dradis client (i.e. keep adding the SOAP
mixing again and again did not make sense! -  see [i]). The truth is
that as you say, the documentation is not that great, but the
functionality is still there.

We had a discussion on the mailing list [ii] a few weeks ago on the
discrepancies of the evolution of the different interfaces. That is why
the current console documentation is not completely updated.

If you check the rdocs [iii] you will find the *missing* methods. I know
it is not ideal, and I apologize for that, but we are already working on
this for the next release.

> > 2.the tools lacks in adequate documentation stating the directives
> > available to be used in configuration files like server end
> > configuration file databases.yml.

You are right, we are assuming a certain degree of familiarity with the
Ruby on Rails framework, but this does not have to be the case. The
database.yml is a configuration file of the framework. By default uses
Sqlite3 as a back-end database but many different DBs are supported. In
the configuration section of the site [iv] you can find how to set up a
MySQL connection and also information on other supported engines.

I hope this all goes somewhere towards answering your questions. Please
feel free to get back to us with any issues, also remember that can
always join the project's mailing list at [v].

Regards,

etd


[i]
http://sourceforge.net/mailarchive/forum.php?thread_name=492D7E10.7060709%40nomejortu.com&forum_name=dradis-devel
[ii]
http://sourceforge.net/mailarchive/forum.php?thread_name=E1Kzf43-0004Hq-2y%40arion.hosts.co.uk&forum_name=dradis-devel

[iii] Core::Providers::DataStore::Provider:
http://dradis.nomejortu.com/rdoc/

[iv] http://dradis.nomejortu.com/configure.html#configure
[v] https://lists.sourceforge.net/lists/listinfo/dradis-devel


love.wadhwa () naukri com wrote:
> On Tue, 2009-02-03 at 14:57 +0530, love.wadhwa () naukri com wrote:
> > Hi all
> >
> > Tried the new version of this.Had certain problems:
> >
> > 1.Opening the client end ( console) and typing help doesn't have certain
> > registered commands available in the previous version like add.Without
> > this i feel the client end (console) is of no use.
> >
> > 2.the tools lacks in adequate documentation stating the directives
> > available to be used in configuration files like server end
> > configuration file databases.yml.
> >
> > The earlier versions have the limitation of selected nodes available on server interface.
> >
> > Any one out there to help. 
> >
> >
> > On Fri, 2009-01-30 at 04:49 +0530, etd wrote:
> > > What is dradis?
> > > ---------------------------------------------------
> > > - dradis is an open source tool for sharing information during security
> > > assessments.
> > > - It provides a centralized repository of information to keep track of
> > > what has been done so far, and what is still ahead.
> > > - Client/server architecture with a web interface
> > >
> > > Why should I care?
> > > ---------------------------------------------------
> > > - If your are in a lengthy engagement, having all the information in one
> > > place will make things easier. Everyone is in the same page.
> > > - If your team changes (i.e. someone joins half the way through), it
> > > will be useful to bring them up to speed.
> > > - It's flexible, you don't need to adapt your methodology to use it.
> > > - Is provides a web service interface so you can connect it with your
> > > existing vulnerability database or reporting tool.
> > >
> > > What does it look like? Where do I get more info.?
> > > ---------------------------------------------------
> > > - Flash demo:
> > >   http://dradis.nomejortu.com/videos/dradis2-01.html
> > >
> > > - Screenshots:
> > >   http://dradis.nomejortu.com/screenshots.html
> > >
> > > - Project info:
> > >   http://sourceforge.net/projects/dradis
> > >   http://freshmeat.net/projects/dradis
> > >   http://dradis.sourceforge.net/
> > >
> > > - More info, changelog, features:
> > >   http://usefulfor.com/security/2009/01/30/dradis-v2
> > >
> > > -------------------------------------------------------------------------
> > > Sponsored by: Watchfire
> > > Methodologies & Tools for Web Application Security Assessment
> > > With the rapid rise in the number and types of security threats, web application security assessments should be 
> > > considered a crucial phase in the development of any web application. What methodology should be followed? What 
> > > tools can accelerate the assessment process? Download this Whitepaper today!
> > >
> > > https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> > > -------------------------------------------------------------------------

-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------