Your Reporting Matters: How to Improve Pen Test Reporting
ATT&CK techniques detected
T1113Screen Capture
71%
"into words. if you know about webapps, you can ’ t look at this and not recognize the problem. you can disagree about the problem, of course. maybe there ’ s a good reason ™ for not forcing https. but this screenshot helps you know for sure what you ’ re disagreeing about, and th…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
52%
"a standalone word so that it doesn ’ t trigger unexpectedly. suggestion : start these with the letter ‘ i ’ ( for “ insert ” ) to avoid collisions. once this is set, any time you type “ issl ” it will be replaced with what ’ s in the second column. to trigger the replacement, you…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Brian B. King // This is a companion post to BBKing’s “Hack for Show, Report for Dough” report, given at BSides Cleveland in June 2019. The fun part of pentesting is […]
The post Your Reporting Matters: How to Improve Pen Test Reporting appeared first on Black Hills Information Security, Inc..