2018-03-06 08:55:19 +00:00
|
|
|
Tips
|
2018-02-17 12:06:35 +00:00
|
|
|
- Cover page with title, author, date and that it's confidential
|
|
|
|
- Table of Contents
|
|
|
|
- Summary of the penetration test
|
|
|
|
- Scope, origination ip addresses and tools used
|
|
|
|
- Management summary (for the non-technical)
|
2018-03-06 08:55:19 +00:00
|
|
|
- Remember to write the positive findings too (that's just too overlooked!)
|
2018-03-06 08:57:02 +00:00
|
|
|
- Vulnerability details (start with a legend, explain what is considered critical, high, etc.)
|
2018-02-17 12:06:35 +00:00
|
|
|
- Additional information
|
2018-03-06 08:55:19 +00:00
|
|
|
|
|
|
|
|
|
|
|
Table of Contents (Example)
|
|
|
|
1. Overview and scope
|
|
|
|
2. Management summary
|
|
|
|
3. Vulnerabilities
|
2018-03-06 08:57:02 +00:00
|
|
|
3.1 Legend
|
|
|
|
3.2 Critical vulnerabilities
|
|
|
|
3.3 High vulnerabilities
|
|
|
|
3.4 Medium vulnerabilities
|
|
|
|
3.5 Low vulnerabilities
|
2018-03-06 08:55:30 +00:00
|
|
|
4. Additional attachments, logs
|