Ethical Hacking and Penetration Testing Guide
Explanation
This is the section where you reveal where the vulnerability was found, how it was found, the root cause of the vulnerability, and the proof of concept or the evidence of the finding.
Risk
This is where you talk about the risks and the likely impact that the vulnerability carries.
Recommendation
This is where you address the developers on how to fix the vulnerability; you may also include general suggestions to avoid that particular class of vulnerability in the future.
The following screenshot comes directly from one of our penetration testing reports. Our finding was a “DOM-based XSS” vulnerability. In the “Description” section we discussed the vulnerability. In the “Explanation” section, we talked about where the vulnerability was found and which line of the JavaScript code is the root cause of the vulnerability. We then talked about the general risks and the impact, and finally the general remediations to avoid vulnerabilities of a similar class.
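As an added example, not taken from the book or from the report it describes, the following JavaScript models the kind of finding the Explanation section points at: one line that concatenates untrusted URL-fragment data into markup bound for innerHTML, shown beside the remediated line the Recommendation section would ask for. It assumes a page that greets the user by a name read from the fragment (e.g. "#name=Alice"); the page, the function names and the inputs are constructed for this illustration, and no browser DOM is needed because the functions return the string that would have been assigned.

```javascript
// Parse "name=" out of a fragment such as "#name=Alice" (constructed page logic).
function nameFromFragment(fragment) {
  const m = /^#?name=([^&]*)/.exec(fragment || "");
  return m ? decodeURIComponent(m[1]) : "";
}

// The line an Explanation section would cite as the root cause: attacker-
// controllable fragment data flows unencoded into markup destined for
// element.innerHTML (DOM source -> HTML sink).
function greetingVulnerable(fragment) {
  return "<h1>Welcome " + nameFromFragment(fragment) + "</h1>"; // root cause
}

// Recommendation: encode for the HTML context before the sink (or assign the
// name through textContent so the browser never parses it as markup).
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  }[c]));
}
function greetingFixed(fragment) {
  return "<h1>Welcome " + escapeHtml(nameFromFragment(fragment)) + "</h1>";
}

// Regression check a developer can keep after the fix: does the produced
// markup contain any tag other than the <h1> wrapper the page itself emits?
function injectsMarkup(html) {
  const inner = html.replace(/^<h1>Welcome /, "").replace(/<\/h1>$/, "");
  return /<[^>]+>/.test(inner);
}

// Constructed inputs: an ordinary name, and one carrying a harmless bold tag,
// which is enough to show that the fragment is being interpreted as HTML.
const benignFragment = "#name=Alice";
const markupFragment = "#name=" + encodeURIComponent("<b>Alice</b>");
```

Running `injectsMarkup` over both greeting functions with `markupFragment` reproduces the evidence a report would attach: the vulnerable line yields parsed markup, the remediated one does not.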
Introduction to Hacking
Reports
Now that you know the basics and structure of how a penetration testing report is written, I would urge you to spend some time reviewing the following penetration testing sample reports.
◾ http://www.offensive-security.com/penetration-testing-sample-report.pdf
◾ http://www.niiconsulting.com/services/security-assessment/NII_Sample_PT_Report.pdf
◾ http://pentestreports.com/
Conclusion
In this chapter, we talked about basic terminologies that you will encounter on a daily basis as a penetration tester. We discussed the types of penetration tests and the different penetration testing methodologies. We then talked about what makes a good penetration testing report. We also looked at how a penetration test report should be laid out in order to provide the target audience with the necessary information.