WebApp Sec mailing list archives
Re: [tool] dradis v2.0 released
From: etd <etd () nomejortu com>
Date: Wed, 04 Feb 2009 10:15:13 +0000
Hi, Thank you very much for your feedback. We are excited about getting this kind of input to guide the dradis development to a well tailored solution. In response to the points you rise:
1.Opening the client end ( console) and typing help doesn't have certain registered commands available in the previous version like add.Without this i feel the client end (console) is of no use.
We have been refactoring the dradis client (i.e. keep adding the SOAP mixing again and again did not make sense! - see [i]). The truth is that as you say, the documentation is not that great, but the functionality is still there. We had a discussion on the mailing list [ii] a few weeks ago on the discrepancies of the evolution of the different interfaces. That is why the current console documentation is not completely updated. If you check the rdocs [iii] you will find the *missing* methods. I know it is not ideal, and I apologize for that, but we are already working on this for the next release.
2.the tools lacks in adequate documentation stating the directives available to be used in configuration files like server end configuration file databases.yml.
You are right, we are assuming a certain degree of familiarity with the Ruby on Rails framework, but this does not have to be the case. The database.yml is a configuration file of the framework. By default uses Sqlite3 as a back-end database but many different DBs are supported. In the configuration section of the site [iv] you can find how to set up a MySQL connection and also information on other supported engines. I hope this all goes somewhere towards answering your questions. Please feel free to get back to us with any issues, also remember that can always join the project's mailing list at [v]. Regards, etd [i] http://sourceforge.net/mailarchive/forum.php?thread_name=492D7E10.7060709%40nomejortu.com&forum_name=dradis-devel [ii] http://sourceforge.net/mailarchive/forum.php?thread_name=E1Kzf43-0004Hq-2y%40arion.hosts.co.uk&forum_name=dradis-devel [iii] Core::Providers::DataStore::Provider: http://dradis.nomejortu.com/rdoc/ [iv] http://dradis.nomejortu.com/configure.html#configure [v] https://lists.sourceforge.net/lists/listinfo/dradis-devel love.wadhwa () naukri com wrote:
On Tue, 2009-02-03 at 14:57 +0530, love.wadhwa () naukri com wrote:Hi all Tried the new version of this.Had certain problems: 1.Opening the client end ( console) and typing help doesn't have certain registered commands available in the previous version like add.Without this i feel the client end (console) is of no use. 2.the tools lacks in adequate documentation stating the directives available to be used in configuration files like server end configuration file databases.yml. The earlier versions have the limitation of selected nodes available on server interface. Any one out there to help. On Fri, 2009-01-30 at 04:49 +0530, etd wrote:What is dradis? --------------------------------------------------- - dradis is an open source tool for sharing information during security assessments. - It provides a centralized repository of information to keep track of what has been done so far, and what is still ahead. - Client/server architecture with a web interface Why should I care? --------------------------------------------------- - If your are in a lengthy engagement, having all the information in one place will make things easier. Everyone is in the same page. - If your team changes (i.e. someone joins half the way through), it will be useful to bring them up to speed. - It's flexible, you don't need to adapt your methodology to use it. - Is provides a web service interface so you can connect it with your existing vulnerability database or reporting tool. What does it look like? Where do I get more info.? --------------------------------------------------- - Flash demo: http://dradis.nomejortu.com/videos/dradis2-01.html - Screenshots: http://dradis.nomejortu.com/screenshots.html - Project info: http://sourceforge.net/projects/dradis http://freshmeat.net/projects/dradis http://dradis.sourceforge.net/ - More info, changelog, features: http://usefulfor.com/security/2009/01/30/dradis-v2 ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- [tool] dradis v2.0 released etd (Feb 01)
- Re: [tool] dradis v2.0 released love.wadhwa () naukri com (Feb 03)
- Message not available
- Re: [tool] dradis v2.0 released etd (Feb 04)
- Message not available
- Re: [tool] dradis v2.0 released love.wadhwa () naukri com (Feb 03)