Based on OWASP RailsGoat
Report Process ➖
1. Report Template
2. Findings
3. Executive Summary
4. Attack Summary
5. Optional Components
6. Closing
Module 1 - 1 : Structure of the report (foundation and skeleton for the rest of the report)
Module 2 - 1,2 : Fill in the findings as per the report templates (attack scenario)
Module 3 - 3,4 : Creating PoCs and summaries
Module 4 - 5 : Focuses on optional features that can be added to your report (includes diff shots, positive findings)
Module 5 - 6 : Final step (final preparation with the customers), checks that the report meets the quality standard
Report Sections (covered in these notes)
1. Executive Summary
2. Report Dashboard (optional)
3. Attack walkthrough
4. Findings
5. Appendices
6. Value Adds
1. 1-2 pages of non-technical analysis of the assessment and results.
2. In-depth summary of the assessment (includes report card, chart analytics of findings, etc.)
3. Every PoC (with details), summary of chained issues.
4. Outline of every finding from the assessment, steps to recreate an issue, and remediation instructions.
5. Attachments
6. -
https://github.com/juliocesarfort/public-pentesting-reports
https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report