public-pentesting-reports
writehat
Our great sponsors
| public-pentesting-reports | writehat | |
|---|---|---|
| 27 | 3 | |
| 8,074 | 1,216 | |
| - | 2.1% | |
| 5.4 | 0.0 | |
| 2 days ago | 7 days ago | |
| HTML | Python | |
| - | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
public-pentesting-reports
-
Yet another eCPPTv2 Review
You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.
-
Reporting question
As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.
-
Redteam sanitized report
I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.
-
Wanting to get into to security
A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.
- Penetration testing reports
-
Information to include when writing a Pentesting Report
If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports
-
What is a good way to evaluate a pentesting agency?
For good examples, look here. I'd do a test with most of the firms on that list.
- I need help with a pentest report :(
- How often do you communicate with non-technical people in this field?
-
Log4j: The Pain Just Keeps Going and Going
I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.
Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports
writehat
-
sysreptor alternatives - writehat, Serpico, ReportGen, and pwndoc
5 projects | 2 May 2023
-
Where can I find pentest reports similar to reports from Cure53?
in case anyone is looking for an app (vice templates), while Serpico is good it is archived and not actively maintained, Black Lantern Security has open sourced their WriteHat web app. https://github.com/blacklanternsecurity/writehat
-
Pen Test Report Writing Tool
WriteHat: https://github.com/blacklanternsecurity/writehat
What are some alternatives?
OSCP-Exam-Report-Template-Markdown - :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Serpico - SimplE RePort wrIting and COllaboration tool
CherryTree - cherrytree
SysReptor - Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
pwndoc - Pentest Report Generator
tmux-logging - Easy logging and screen capturing for Tmux.
ReportGen - Documentation and Support for AttackForge ReportGen
TJ-JPT - This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
Awesome-Red-Teaming - List of Awesome Red Teaming Resources
template-generator - A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates.