OSCP-Exam-Report-Template-Markdown
public-pentesting-reports
Our great sponsors
OSCP-Exam-Report-Template-Markdown | public-pentesting-reports | |
---|---|---|
21 | 27 | |
3,300 | 8,095 | |
- | - | |
4.6 | 5.4 | |
2 months ago | 11 days ago | |
Ruby | HTML | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OSCP-Exam-Report-Template-Markdown
-
Exam Complete -- Got enough points but am worried about the report.
Thank you! Yes, I used https://github.com/noraj/OSCP-Exam-Report-Template-Markdown and included vulnerability details, as well as how to fix the vulnerability and it got lengthy which I think was unnecessary, but I tried to make it nice and be thorough. I probably should've put more time in trying to fix the other issues I had but oh well.
- Passed OSCP about two weeks ago
- Your usual last minute exam tips request
-
OSCP report : Table of content
I am in the process of redacting my report. In fact, I have already documented all 10 machines and all exercises in the lab. However, i have still a question regarding the expected content of it, as the official template as well as some famous templates such as this one mention a whole introduction section containing among all introduction, objectives, requirements, methodologies...
-
I neglected to update the table of contents in my exam report, and it still refers to everything in the default template lol
Here a good starting point: https://github.com/noraj/OSCP-Exam-Report-Template-Markdown
-
Several questions on prep of OSWE
Also you can take a look at the OSWE Exam Report Template in Markdown I you prefer to avoid Word.
-
My OSCP Experience
I wrote my reports in Markdown using the format here. I researched more about pandoc and decided to convert my Markdown documents to docx first, edit them in LibreOffice (Page Breaks, better Table of Contents), and export them to PDF for submission Test your report conversion before the exam. This helped me figure out issues with my report conversion before the exam (issues with special characters in my terminal), and switch to a system that works. Another good report format can be found here, this one provides resources
- Tips for how to make the report writing as painless as possible?
-
Information about the lab exercise + reports for the 10 points
However things I did do right was to right the whole thing in markdown in obsidian. I used flameshot to get all my screenshots and converted the markdown to a pdf with eisvogel using this GitHub as a template https://github.com/noraj/OSCP-Exam-Report-Template-Markdown
- OSCP Report Generation
public-pentesting-reports
-
Yet another eCPPTv2 Review
You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.
-
Reporting question
As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.
-
Redteam sanitized report
I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.
-
Wanting to get into to security
A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.
- Penetration testing reports
-
Information to include when writing a Pentesting Report
If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports
-
What is a good way to evaluate a pentesting agency?
For good examples, look here. I'd do a test with most of the firms on that list.
- I need help with a pentest report :(
- How often do you communicate with non-technical people in this field?
-
Log4j: The Pain Just Keeps Going and Going
I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.
Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports
What are some alternatives?
CherryTree - cherrytree
pandoc-latex-template - A pandoc LaTeX template to convert markdown files to PDF or LaTeX.
writehat - A pentest reporting tool written in Python. Free yourself from Microsoft Word.
TJ-JPT - This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-oscp - A curated list of awesome OSCP resources
tmux-logging - Easy logging and screen capturing for Tmux.
pentest-notes
Serpico - SimplE RePort wrIting and COllaboration tool
OSCP-Exam-Report-Template - Modified template for the OSCP Exam and Labs. Used during my passing attempt