This repo contains scripts you can run in the context of your Dradis Pro appliance. They show how to query the internal database to perform complex operations, gather statistics and more.
- Clone the repo into your laptop
git clone https://github.com/securityroots/dradispro-scripting.git
- Choose one of the scripts or create a new one by modifying it for your needs.
- SCP it across to your Dradis Pro appliance:
$ scp find_xss.rb dradispro@[dradis-ip]:/opt/dradispro/dradispro/current/
- Run the script in the context of the application
$ ssh dradispro@[dradis-ip]
$ cd /opt/dradispro/dradispro/current/
$ RAILS_ENV=production bundle exec rails runner find_xss.rb
bi_fields.rb
- Return the Custom Project Properties from the BI Dashboard for a specific project/bash_files/bulk_upload.sh
- Upload multiple tool output files to a project at once, one plugin at a timecreate_project.rb
- Create a project with a name passed as argument and return the assigned IDdaily_summary.rb
- Finds and outputs all of the Issues added to Dradis in the past 24 hoursdelete_nodes_without_evidence.rb
- Deletes Host Nodes that don't have any Evidence associated with them in a specific projectexport_issuelib.rb
- Exports all your IssueLibrary entries to a single fileexport_rt.rb
- Exports all your Remediation Tracker tickets to a single filefind_xss.rb
- Find recent projects with XSS Issues in themissue_id.html.erb
- Adds the unique issue identifier from your Dradis instance to each issue in a project in a new ID fieldload_project_from_api
- Query a remote JSON API response to get project data and create matching Projects in the Dradis applianceproject_association_check.rb
- Checks to make sure all projects are associated with a report templateproject_stats.rb
- Find which issues have been found across multiple projects and other project statsrecover_trash.rb
- Restores all the items from the Trash feature in a single projectupdate_content_blocks.rb
- Return and edit Content Blocks associated with a specific projectupdate_issuelib_entries.rb
- Find/replace and add fields to your IssueLibrary entries
Great question:
- Check the script source, there should be a comment near the top with a brief intro.
- Check the Command Line Interface guide in the support site.