
Dradis

Dradis is a collaboration tool for penetration testing that simplifies reporting and team coordination. It helps combine scanner outputs and ensures consistent assessment quality.

Description

Dradis is an open-source project released in 2007, refined over a decade by security professionals worldwide. It helps penetration testers spend more time testing and less time reporting by providing a centralized platform for collaboration.

The tool ensures consistent quality across assessments and enables combining outputs from favorite scanners into a unified framework. This makes it ideal for team-based engagements where multiple testers need to share findings efficiently.

Dradis serves as a self-hosted web application accessible via localhost, facilitating real-time collaboration during penetration testing projects.

How It Works

Dradis operates as a Ruby-based web application served through Bundler on port 3000 (http://127.0.0.1:3000 and http://[::1]:3000). It is managed as a systemd service (dradis.service) that can be started and stopped using dedicated control scripts. The platform provides a web interface for importing scanner outputs, organizing findings, and generating reports through a centralized database backend.

Installation

    sudo apt install dradis

Examples

Starts the Dradis web application service:
    service dradis start

Displays help information for the dradis command (shows lsof usage due to port specification issue):
    dradis -h

Displays help/status for the dradis-stop command and shows service status information:
    dradis-stop -h

Stops the Dradis web application service gracefully:
    dradis-stop

Alternative method to stop the Dradis service via systemd (shown in service logs):
    systemctl stop dradis.service

Checks the status of the Dradis systemd service:
    systemctl status dradis.service
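
After starting the service, a tester may want to confirm that the port 3000 listener is bound only to the loopback addresses given under How It Works. The following is an added example, not code from this page or from the Dradis project: the function name classify_listeners and both sample inputs are constructed, and it assumes the column layout of `ss -H -ltn` from iproute2.

```shell
#!/bin/sh
# Added example: classify listeners on the Dradis port from `ss -H -ltn` output.
# classify_listeners is a hypothetical helper name, not part of Dradis.

# Reads `ss -H -ltn` lines on stdin and prints one verdict per listener on
# the given port (default 3000).
# Exit status: 0 = loopback only, 1 = non-loopback listener, 2 = no listener.
classify_listeners() {
  awk -v port="${1:-3000}" '
    $1 == "LISTEN" {
      local_addr = $4                        # e.g. 127.0.0.1:3000 or [::1]:3000
      n = match(local_addr, /:[0-9]+$/)      # position of the trailing ":port"
      if (!n) next
      p = substr(local_addr, n + 1)
      host = substr(local_addr, 1, n - 1)
      if (p != port) next
      seen = 1
      if (host ~ /^127\./ || host == "[::1]") {
        print "OK      " local_addr
      } else {
        print "EXPOSED " local_addr          # wildcard or routable address
        bad = 1
      }
    }
    END {
      if (!seen) exit 2
      exit (bad ? 1 : 0)
    }
  '
}

# Constructed sample: the two listeners described above plus an unrelated sshd.
SAMPLE_LOCAL='LISTEN 0 1024 127.0.0.1:3000 0.0.0.0:*
LISTEN 0 1024 [::1]:3000 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Constructed sample: the same port bound to all interfaces.
SAMPLE_WIDE='LISTEN 0 1024 0.0.0.0:3000 0.0.0.0:*'

# Demonstration on the constructed loopback-only sample.
printf '%s\n' "$SAMPLE_LOCAL" | classify_listeners 3000
```

On a live host, feed it real data with `ss -H -ltn | classify_listeners 3000` and treat a non-zero exit status as a reason to review the bind address before loading findings into the instance.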
Updated 2026-04-16, kali.org