Daniel Martin
1.6K posts

Daniel Martin
@etdsoft
Creator of the Dradis Framework (@dradisfw). Founder of Security Roots (@securityroots).
Joined November 2008
298 Following · 556 Followers

The new layout was🤌 and the labs setup! 🤯
LeCerveau@rachidharrando
@BlackHatEvents Asia Arsenal floor with humans talking to humans about open source security tools

@dradisfw New in Dradis 5 - Inline Comments for QA
GitHub style inline-comments for more precise and easier to follow QA conversations
It's easier to discuss different sections of your assessment, resolve conversations, and jump back and forth between the pending items.
10/10


@dradisfw New in Dradis 5 - Personal Access Tokens (PAT)
More and more users are connecting their agents to the platform. We've introduced Personal Access Tokens so you can conveniently scope access: each agent restricted to the minimum privilege needed for the task at hand.
9/10


I shipped @dradisfw publicly at DEF CON 17 in 2009. The commercial version followed in 2010.
Every pentest management platform on the market today launched after that.
1/2

Turns out Dradis is in 20+ cybersecurity textbooks.
Authors included it because they could look at the code, run the tool, try for themselves. It passed the quality bar.
That's different from a vendor-issued case study.
dradis.com/why-dradis/ris…

A big team is running a "vendor risk assessment" (I know). It means separating authentic validation from marketing arrangements.
For @dradisfw, the evidence is in places we don't control: certification study guides, Kali Linux's, Black Hat's Arsenal selection committee, books...

@dradisfw from zero to ready in 60s:
curl -fsSL get.dradis.com | /bin/bash
New kits:
- Infrastructure pentest
- OWASP 2025 webapp
- Red Team assessment

@lkr Projects, agents, or an organised .claude/ help.
I like how OpenClaw puts it:
> Each session, you wake up fresh. These files _are_ your memory. Read them. Update them. They're how you persist.

So a mental shift I've had recently with claude code is truly understanding that it has only the assets you've given it in that session.
Because it talks like a human, we often feel surprised/frustrated when it doesn't remember a convo it just had, or it can't find a tool we just installed.
But if it doesn't have some kind of path to knowing they exist, it never will. And its "memory" works absolutely nothing like ours does, it should be called something else.
You CAN'T think of it like a human coworker or you'll hit constant failure and frustration.

Turns out we ended the week not only with 3 new OWASP HTML templates, we added a new Red Team template, and 2 additional user portal themes (dark mode, export to PDF, the works!). Sneak peek:
Daniel Martin@etdsoft
Full HTML export templates, from prompt to PR. The best part is once you've done it once, you can teach the LLM the skill. Which of course we've done, and released as open-source too: github.com/dradis/dradis-…


