Defcon17 - dradis Framework: sharing information will get you root
- 1. dradis Framework dradis Framework sharing information will get you root http://dradisframework.org/ Daniel Martín Gómez etd@ngssoftware.com august 2009 1
- 2. dradis Framework dradis Framework sharing information will get you root http://dradisframework.org/ Daniel Martín Gómez etd@ngssoftware.com august 2009 2
- 3. Agenda ➔ In the begining, there was nothing ➔ The dradis project ➔ The Framework ➔ Demo
- 4. dradis Framework In the begining, there was nothing 4
- 5. In the begining, there was nothing ✔ port scan Information ✔ vuln. scan Discovery ✔ web app scan ✔ ... 5
- 6. In the begining, there was nothing ✔ port scan Information ✔ vuln. scan Discovery ✔ web app scan ✔ ... ✔ metasploit Exploiting ✔ milw0rm ✔ ... 6
- 7. In the begining, there was nothing ✔ port scan Information ✔ vuln. scan Discovery ✔ web app scan ✔ ... ✔ metasploit Exploiting ✔ milw0rm ✔ ... ✔ word Reporting ✔ pdf tools ✔ ... 7
- 8. In the begining, there was nothing Information Discovery What about sharing the Exploiting information? Reporting 8
- 9. In the begigin, there was nothing Why do we need THAT? 9
- 10. why do we need it? 10
- 11. why do we need it? 11
- 12. why do we need it? Scheduling Madness 12
- 13. Agenda ➔ In the begining, there was nothing ➔ The dradis project
- 14. dradis Framework The dradis project ➔ Project goals ➔ Technology behind the scenes ➔ Evolution ➔ Why dradis? 14
- 15. The dradis project Project goals 15
- 16. The dradis project 4 goals for the project ➔ share information effectively 16
- 17. The dradis project 4 goals for the project ➔ share information effectively ➔ easy to use and adopt 17
- 18. The dradis project 4 goals for the project ➔ share information effectively ➔ easy to use and adopt ➔ flexibility 18
- 19. The dradis project 4 goals for the project ➔ share information effectively ➔ easy to use and adopt ➔ flexibility ➔ small and portable 19
- 20. dradis Framework The dradis project ➔ Project goals ➔ Technology behind the scenes 20
- 21. dradis Framework Technology behind the scenes 21
- 22. Technology behind the scenes REST Database Web 22
- 23. dradis Framework The dradis project ➔ Project goals ➔ Technology behind the scenes ➔ Evolution 23
- 24. The dradis project Evolution 2007 - ... 24
- 25. The Framework Activity 25
- 26. The Framework Downloads 26
- 27. The dradis project Why DRADIS ? < 27
- 28. Agenda ➔ In the begining, there was nothing ➔ The dradis project ➔ The Framework
- 29. dradis Framework The Framework ➔ Impossible is nothing ➔ dradis Plugins ➔ The Meta Server 29
- 30. The dradis project Impossible is nothing 30
- 31. Impossible is Nothing DRADIS 31
- 32. Impossible is Nothing DRADIS 32
- 33. Impossible is Nothing DRADIS Vuln. DB 33
- 34. Impossible is Nothing DRADIS Vuln. DB 34
- 35. dradis Framework The Framework ➔ Impossible is nothing ➔ dradis Plugins 35
- 36. The dradis project dradis Plugins 36
- 37. dradis Plugins Convention over configuration module Plugins module Upload include NmapUpload end end 37
- 38. dradis Plugins Convention over configuration module Plugins module Upload include NmapUpload end end ./script/generate upload_plugin nessus 38
- 39. dradis Framework The Framework ➔ Impossible is nothing ➔ dradis Plugins ➔ The Meta Server 39
- 40. The dradis project The Meta Server “ The dradis Meta Server will be cooler than giant robots smashing into other giant robots!” dradis-devel mailing list : 2009-06-29 40
- 41. The Meta-Server 41
- 42. The Meta-Server 42
- 43. The Meta-Server Archive 43
- 44. The Meta-Server Archive Backup 44
- 45. The Meta-Server Archive Backup Intelligence ( Stats? ) 45
- 46. Agenda ➔ In the begining, there was nothing ➔ The dradis project ➔ The Framework ➔ Demo
- 47. dradis Framework Thanks. 47
- 48. dradis Framework dradis Framework http://dradisframework.org/ Daniel Martín Gómez etd@ngssoftware.com #dradis irc.freenode.org 48