Reporting

Introduction

Scanning is what an attacker does prior to attacking the network. In scanning, the attacker uses the details gathered during reconnaissance to identify specific vulnerabilities. Scanning can be considered a logical extension (and overlap) of the active reconnaissance phase.

The Scanning Phase is divided into three sub-phases: Scanning, Enumeration and Vulnerability Assessment.

Scanning - During the Scanning sub-phase the attacker tries to identify information that helps map out the target network. Information of interest includes active hosts, open ports, routes, and filtering devices and technologies (e.g. network or web application firewalls, router ACLs).

Enumeration - Enumeration refers to gathering additional information from the accessible services identified during the Scanning Phase. This can yield more detailed information about a target system, account details, file access, etc., which can be used during the Gaining Access Phase.

Vulnerability Assessment -

Documentation Frameworks

Name Link
Dradis https://dradisframework.com/ce/
Kvasir https://github.com/KvasirSecurity/Kvasir
Lair https://github.com/lair-framework/lair
Metasploit https://www.metasploit.com/

Documentation

Contents of the documentation

Complete documentation may include:

  • The contract, including the results and agreements reached in the preparatory talks,
  • The documentation of the examination steps carried out to obtain information, e.g. log files of the tools used, including the list of tested vulnerabilities,
  • The system descriptions derived therefrom,
  • The list of potential vulnerabilities, broken down by system and including a brief description,
  • The results of the risk analysis (effort and priorities) and the selected systems (active penetration tests),
  • The documentation of the processed test modules for active penetration tests and the log files of the tools used,
  • The individual results of the test modules, including the list of verified vulnerabilities,
  • As well as a final report.

Handling the documentation

  • Confidential handling, since security-sensitive information can be included (encryption of data, access protection, delivery in printed form and in person)
  • Prior agreement on which parts of the documentation are given to the customer (for example, passing personal data only to the data protection officer)

Report

Contents of the report

  1. Management Report
    1. Abstract background
    2. Description of the test assignment, the essential test results and the recommended further procedure
  2. Main Part
    1. Description of the test assignment, the essential test results and the recommended further procedure
    2. The form and content follow prior arrangements with the client
    3. Detailed positive and negative findings (subject to agreement)
    4. Evaluation and prioritization of the results of the vulnerability scan and presentation of the resulting risks
    5. Recommendations for the weaknesses found
    6. Detailed information on the tools used, work step information (which tools were used with which options), log files, times of use (the periods during which attacks were carried out), etc.
