4 - Report
At the conclusion of the test, a report is developed to describe the identified vulnerabilities, present a risk rating, and give the client guidance on how to mitigate the discovered weaknesses and improve its security posture. The report should also be structured to clearly communicate what was tested, how it was tested, and the results of the testing.
This section is intended to define the base structure for a penetration test report, although it is highly encouraged to use your own format based on your needs.
A penetration test report comprises mainly two parts: the executive summary and the technical information.
Confidentiality statement: A brief explanation of the document's importance and the consequences of its disclosure.
Disclaimer: Statement explaining that you are not responsible for new vulnerabilities that might appear in the future and were not found during the assessment.
Executive summary
Synopsis: A paragraph or small set of paragraphs, written for a non-technical reader, explaining in general terms the major weaknesses found during the test.
Observed security strengths: Highlight security measures the client should maintain.
Risk Rating:
Technical report
Scope: Should contain the assets the client wanted to test for each hired service, adding any extra information provided by the client, such as credentials.
Hosts
Ports
Provided credentials
< SERVICE >: Depending on the service contracted by the client, it will have a different structure.
< Footprinting >: Show all the information obtained about the company, categorised.
Company domains and subdomains
Public contact information
Public files metadata
Employees (Names, roles, emails, leaked credentials...)
< Pentesting | vulnerability assessment >: The reporting of this type of test has different approaches: explaining all the steps narratively, from the enumeration phase to the post-exploitation stage, or focusing directly on the vulnerabilities found and their exploitation without emphasising the enumeration and situational awareness phases.
Hostname - IP
Ports (TCP):
Ports (UDP):
Operating system:
Description: Description of what has been exploited.
CVSS Base Score:
Criticality: To help you better decide which vulnerabilities should be fixed first: (Low, Medium, High)
Proof of Concept (PoC): Detailed steps to exploit the vulnerability.
Mitigations: Recommendations about how to solve the vulnerability.
House cleaning
WiFi report: All the steps involved in a WiFi penetration test exercise.
Appendix
Changes during the test: List evidence that relates to any change in the testing objectives.
Severity scale meaning: Explain what the criticality of each vulnerability is based on.
The source code and the script to generate the PDF can be found in this .
As an alternative you can use tools such as or , where you can manage your clients and project information, register their infrastructure such as servers, domains, etc., manage vulnerability templates and use report templates, all in a multi-user-friendly environment.