Escolar Documentos
Profissional Documentos
Cultura Documentos
FULL_COMPANY_NAME
REPORT NAME: REPORT_NAME
Penetration Testing Report
Date DATE
FULL_COMPANY_NAME Report
Customer Information
Company
SHORT_COMPANY_NAME
Name:
City:
CONTACT_CITY
State: CONTACT_STA
TE
URL:
COMPANY_WEBSI
TE
Zip Code:
CONTACT_ZIP
Consultant Information
Company
Serpico Template Report, LLC
Name:
Contact
CONSULTANT_NAME
Name:
Title:
CONSULTANT_TITLE
Telephone:
CONSULTANT_PHONE
E-mail:
CONSULTANT_EMAIL
Business
123 Paper St
Address:
City
TestCity
State:
URL:
http://www.github.com
MA
Zip
Code:
11111
FULL_COMPANY_NAME Report
1.0 Executive Summary
Serpico Template Company (STC) was contracted to perform a penetration test for
SHORT_COMPANY_NAME. This report discusses the results from the assessment. Really, if you
are reading this you should update the template to match your executive summary. The symbols
throughout this report are used to display the data. Please see the README to understand how
they work.
Overall, STC was able to achieve the goals of the assessment and exfiltrate the targeted data.
There were a number of critical findings during the assessment including the following:
Finding Name
report/findings_list/findings:::DREAD_TOTAL>40
title
Remediation
Effort
EFFORT
Here is a super fancy flow chart that shows the exploitation narrative (or just the cyber kill
chain):
Reconnaisan
ce
Weaponizatio
n
Delivery
Exploitation
Installation
C&C
Actions on
Objectives
FULL_COMPANY_NAME Report
2.0 Attack Narrative
This explains the story of the attack. Chances are this will be custom written. You can add in an
attack narrative input box to the web server and make this easy to fill out. Or just edit this
section for the specific report.
FULL_COMPANY_NAME Report
3.0 Findings
3.1Findings Table
The following were the results from the assessment. <TO THE AUTHOR, NOTICE THE
DREAD SCORE IS NOT SHOWN BUT USED TO INSERT INTO THE TABLE>
Finding Name
Remediati
on Effort
EFFORT
EFFORT
EFFORT
FULL_COMPANY_NAME Report
CRITICAL FINDINGS
The following are all of the Critical Findings from the assessment.
report/findings_list/findings
DREAD_TOTAL<50
DREAD_TOTAL>30
FULL_COMPANY_NAME Report
DREAD
Score
Damage
Potential
Reproduci
bility
Exploitabi
lity
Affected
Users
Discovera
bility
Total
damage
reproducability
exploitability
affected_users
discoverability
dread_total
Summary
overview/paragraph zzzz .
code .
italics .
h4
bullet .
Proof
poc/paragraph
Remediation
remediation/paragraph zzzz .
code .
italics .
h4
bullet .
FULL_COMPANY_NAME Report
FULL_COMPANY_NAME Report
OTHER FINDINGS
Notice the changes in colors in this section.
report/findings_list/findings:::DREAD_SCORE<30
FULL_COMPANY_NAME Report
DREAD
Score
Damage
Potential
Reproduci
bility
Exploitabi
lity
Affected
Users
Discovera
bility
Total
damage
reproducability
exploitability
affected_users
discoverability
dread_total
Summary
overview/paragraph zzzz .
code .
italics .
h4
bullet .
Proof
poc/paragraph
Remediation
remediation/paragraph zzzz .
code .
italics .
h4
bullet .