Dradis Framework - Sharing Information will get you Root

Presented at DEF CON 17 (2009), Aug. 2, 2009, noon (50 minutes)

dradis is not a dream any more. It is a mature framework. Information sharing taken to a new level. If you are in the security industry is because you want to break stuff. Not because you like wasting your time. Not because you love to write reports. Not because you enjoy doing things twice, or doing them manually if they could be scripted up. dradis' aim is to let you focus on what you like by making all the overhead something not to worry about. dradis is a framework that security testing teams use to combine the skillsets of their members to increase the likelihood of a successful breach. This is accomplished by gathering and sharing information using a flexible toolset that takes up the challenge of accommodating the creative and out-of-the-box thinking that is always associated with the security community. dradis is not only a tool, it is a new way of enabling collaboration in security testing. Follow a testing methodology or create a new methodology that others will follow. Gather the evidence you need for a test or extend the framework to gather the evidence for you... and this is just the beginning, welcome to the dradis world.

Presenters:

  • etd - Senior Security Consultant, NGS Software
    etd started with pentesting in Spain after studying electrical engineering. He is now working as a security consultant in the UK. He is passionate about security and equally passionate about the open source world with various contributions over the years. etd blogs on new tools, advisories and hack-fu techniques as a way of contributing back to the security community. He is currently obsessed on finding out ways to enhance the security consultancy practice so we can focus on the the real deal: hack the target.

Links:

Similar Presentations: