Penetration Testing mailing list archives
Re: Reporting aspect of pen-testing
From: "Carlos Eduardo Pinheiro" <cabeca () gmx net>
Date: Sun, 30 Nov 2003 16:14:31 -0200
Hi guy, You can find useful information at http://www.isecom.org/, they developed some guidelines covering how to proceed a security audit ( including the reporting part ) I hope it helps. You can also take a look at an example report from core security ( http://www.core-sec.com/examples/core_example_1.pdf ) Regards, Carlos Eduardo Pinheiro - cabeca () gmx net ICQ: 134439332 ----- Original Message ----- From: "TJ O'Grady" <tjogrady () flyingwithouta net> To: <pen-test () securityfocus com> Sent: Sunday, November 30, 2003 11:08 AM Subject: Reporting aspect of pen-testing
Hi folks, I am putting together a pen testing proposal as part of my final Master's project. If it's good enough, it will lead to a full pen test of a real network. This list has been very helpful with the technology background, but the part I am stuck on right now is the reporting piece. When a pen-test is complete, what do you include in the report? How do you structure the information for business contacts, I imagine raw data is often not helpful in many cases. Any hints or tips would be greatly appreciated. Thank you, TJ --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Reporting aspect of pen-testing riptide (Dec 01)
- <Possible follow-ups>
- Re: Reporting aspect of pen-testing Stephen de Vries (Dec 01)
- Re: Reporting aspect of pen-testing Anders Thulin (Dec 01)
- Re: Reporting aspect of pen-testing Carlos Eduardo Pinheiro (Dec 01)
- Re: Reporting aspect of pen-testing Ivan Arce (Dec 03)
- RE: Reporting aspect of pen-testing Brewis, Mark (Dec 03)
- RE: Reporting aspect of pen-testing Cotter, Joe (Dec 12)