public-pentesting-reports
tmux-logging
Our great sponsors
public-pentesting-reports | tmux-logging | |
---|---|---|
27 | 4 | |
8,095 | 981 | |
- | 2.0% | |
5.4 | 0.0 | |
11 days ago | over 2 years ago | |
HTML | Shell | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
public-pentesting-reports
-
Yet another eCPPTv2 Review
You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.
-
Reporting question
As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.
-
Redteam sanitized report
I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.
-
Wanting to get into to security
A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.
- Penetration testing reports
-
Information to include when writing a Pentesting Report
If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports
-
What is a good way to evaluate a pentesting agency?
For good examples, look here. I'd do a test with most of the firms on that list.
- I need help with a pentest report :(
- How often do you communicate with non-technical people in this field?
-
Log4j: The Pain Just Keeps Going and Going
I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.
Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports
tmux-logging
- Best command logging method with tab support
-
auto logging panes to a file on creation
Have a look at pipe-pane (or the plugin tmux-logging).
- What software do you use to take notes?
-
Perfect ALARM Mk 2: Installation Part 5 (Powerline and Zsh stuff here!)
tmux-plugins/tmux-logging - Easy logging and screen capture for Tmux. The data is saved in a .log file.
What are some alternatives?
OSCP-Exam-Report-Template-Markdown - :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
tmux-yank - Tmux plugin for copying to system clipboard. Works on OSX, Linux and Cygwin.
CherryTree - cherrytree
tmux-ticker - A Tmux plugin to monitor various indexes and stock prices.
writehat - A pentest reporting tool written in Python. Free yourself from Microsoft Word.
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
tmux-open - Tmux key bindings for quick opening of a highlighted file or url
Serpico - SimplE RePort wrIting and COllaboration tool
tmux-online-status - Tmux plugin that displays online status of your computer.
TJ-JPT - This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
tmux-sessionist - Lightweight tmux utils for manipulating sessions