As we all know, a good report must contain all the necessary details regarding the vulnerabilities of a system. All the penetration testing standards emphasize writing a well-structured report. In this chapter, we will learn about a few tools that we can use to make a good report.
The following are the key points that must be included in the report:
- Details of the vulnerability
- The CVSS score
- The impact the bug has on the organization
- Recommendations for patching the bug
The reports should be divided into two parts: one for the technical team and another for management.
In this chapter, we will cover the following topics. These topics will cover the tools that are commonly used in the report generation process:
- Introduction to report writing
- Introduction to Dradis Framework
- Working with Serpico