Detailed Findings
This is where you address the technical audience, specifically the security manager and the
developers; also, this is where you are allowed to talk in depth about how the vulnerabilities
were discovered, the root causes of the vulnerabilities, the associated risks, and the necessary
recommendations.
Let’s now briefly talk about four essentials that should be included in the “Detailed Findings”
section.
Description
This is where you talk about the vulnerability itself; a brief explanation should be provided in this
section.
Explanation
This is the section where you reveal where the vulnerability was found, how it was found, the root
cause of the vulnerability, the proof of concept, or the evidence of the finding.
Risk
This is where you talk about the risks and the likely impact that the vulnerability carries.
Recommendation
This is where you address the developers on how to fix the vulnerability; you may also include
general suggestions to avoid that particular class of vulnerability in future.
The following screenshot comes directly from one of our penetration testing reports. Our
finding was a “DOM-based XSS” vulnerability. In the “Description” section, we discussed the
vulnerability. In the “Explanation” section, we talked about where the vulnerability was found
and which line of the JavaScript code is the root cause of the vulnerability. We then talked about
the general risks and impact and, finally, the general remediations to avoid vulnerabilities of a
similar class.
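As an added illustration (constructed here, not the code from the report described above), this shows the kind of root-cause line an “Explanation” section points to for a DOM-based XSS finding, next to the fixes a “Recommendation” section would give. The `name` fragment parameter, the function names, and the plain objects standing in for DOM elements are assumptions so that it runs under Node.

```javascript
// Added illustration: constructed code, not taken from the report.
// Source: the URL fragment (user-influenced). Sink: element.innerHTML.

// Read the hypothetical "name" parameter from a fragment like "#name=Alice".
function nameFromFragment(fragment) {
  const params = new URLSearchParams(fragment.replace(/^#/, ''));
  return params.get('name') || '';
}

// BEFORE (the root-cause line a finding would cite): untrusted fragment
// data is concatenated into markup and written to an HTML-parsing sink.
function renderGreetingVulnerable(el, fragment) {
  el.innerHTML = 'Welcome, ' + nameFromFragment(fragment);
}

// AFTER, option 1: use a text-only sink, so the value is never parsed as HTML.
function renderGreetingFixed(el, fragment) {
  el.textContent = 'Welcome, ' + nameFromFragment(fragment);
}

// AFTER, option 2: where markup is required, encode for the HTML context first.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}
function renderGreetingEncoded(el, fragment) {
  el.innerHTML = '<span>Welcome, ' + escapeHtml(nameFromFragment(fragment)) + '</span>';
}

// Constructed sample input: a harmless markup marker in the fragment.
const SAMPLE_FRAGMENT = '#name=' + encodeURIComponent('<i>guest</i>');

// Run all three variants against stand-in elements and return the evidence.
function demo() {
  const vulnerable = {}, fixed = {}, encoded = {};
  renderGreetingVulnerable(vulnerable, SAMPLE_FRAGMENT);
  renderGreetingFixed(fixed, SAMPLE_FRAGMENT);
  renderGreetingEncoded(encoded, SAMPLE_FRAGMENT);
  return { vulnerable, fixed, encoded };
}

console.log(demo());
```

In the vulnerable variant the marker reaches `innerHTML` as live markup; in the two fixed variants it is either written as text or HTML-encoded, which is the difference the “Explanation” and “Recommendation” sections of the finding need to make visible.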
Reports
Now that you know the basics and structure of how a penetration testing report is written, I would
urge you to spend some time reviewing the following penetration testing sample reports.
◾ http://www.offensive-security.com/penetration-testing-sample-report.pdf
◾ http://www.niiconsulting.com/services/security-assessment/NII_Sample_PT_Report.pdf
◾ http://pentestreports.com/
Conclusion
In this chapter, we talked about basic terminologies that you will encounter on a daily basis as a
penetration tester. We discussed the types of penetration tests and the different penetration
testing methodologies. We then talked about what makes a good penetration testing report. We
also looked at how a penetration test report should be laid out in order to provide the target
audience the necessary information.