Lesson 12: How to Write Penetration Testing Reports

These are mostly references rather than actual exercises.


Exercise 12.1 - Penetration Testing Report Templates and Format

  1. Watch these videos as a reference.
  2. You can access dozens of real-life penetration testing reports in our GitHub repository.
  3. Create an example report of all the activities and findings in the previous lesson. Make sure that you have a good executive summary. If you like the results and are proud of your report, feel free to contribute it to the GitHub repository by making a pull request. Watch this video if you do not know how to make a pull request.

Exercise 12.2 - Dradis

Dradis comes installed in Kali Linux, but you can also download it from https://dradisframework.com/ce/.

  1. Perform an nmap scan of your victim host(s) and export the results to XML.
  2. Use the "Upload output from tool" functionality to import the results of your scan.
  3. Create custom methodologies.
  4. Try to become familiar with the tool and create reports.

Bonus: Download the Offensive Security OSCP report template for Dradis: https://dradisframework.com/academy/industry/compliance/oscp/

Use it as general guidance, whether you are preparing for the certification or just starting to learn penetration testing concepts.
