keychain-swift
public-pentesting-reports
| keychain-swift | public-pentesting-reports | |
|---|---|---|
| 2 | 27 | |
| 2,711 | 8,095 | |
| - | - | |
| 5.2 | 5.4 | |
| 17 days ago | 15 days ago | |
| Swift | HTML | |
| MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
keychain-swift
-
WidgetKit + REST authentication
You should be using Keychain for all secrets. You can specify an "access group" that can be used across processes. The API sucks so I use the keychain-swift wrapper.
-
Log4j: The Pain Just Keeps Going and Going
The only one of those that I didn't write, was KeychainSwift[0]. It makes dealing with the Keychain easy, and is a very simple dependency. If it went off the rails, I'd write something like it, myself.
All the others, are in my own repos, as top-shelf-quality open-source modules.
[0] https://github.com/evgenyneu/keychain-swift
public-pentesting-reports
-
Yet another eCPPTv2 Review
You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.
-
Reporting question
As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.
-
Redteam sanitized report
I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.
-
Wanting to get into to security
A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.
- Penetration testing reports
-
Information to include when writing a Pentesting Report
If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports
-
What is a good way to evaluate a pentesting agency?
For good examples, look here. I'd do a test with most of the firms on that list.
- I need help with a pentest report :(
- How often do you communicate with non-technical people in this field?
-
Log4j: The Pain Just Keeps Going and Going
I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.
Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports
What are some alternatives?
KeychainAccess - Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.
OSCP-Exam-Report-Template-Markdown - :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Valet - Valet lets you securely store data in the iOS, tvOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy. We promise.
CherryTree - cherrytree
Locksmith - A powerful, protocol-oriented library for working with the keychain in Swift.
writehat - A pentest reporting tool written in Python. Free yourself from Microsoft Word.
SwiftKeychainWrapper - A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
Latch - A simple Swift Keychain Wrapper for iOS, watchOS, and OS X.
tmux-logging - Easy logging and screen capturing for Tmux.
KeyClip - KeyClip is yet another Keychain library written in Swift.
Serpico - SimplE RePort wrIting and COllaboration tool