
Recon Report Template

  • 26-02-2018 12:32pm
    #1
    Closed Accounts Posts: 1,758 ✭✭✭


    Is there any such thing? I have to put together a "professional" report for an assignment. But can't for the life of me find any kind of template online.


Comments

  • Registered Users, Registered Users 2 Posts: 569 ✭✭✭Joe Exotic


    Pelvis wrote: »
    Is there any such thing? I have to put together a "professional" report for an assignment. But can't for the life of me find any kind of template online.

    Edit: Just reread, you specifically asked for Recon: same as the below but with the Info gathered section - IP/Ports/services

    It depends on the scenario; the below would be a guide for a technical assessment, e.g. a pentest or review.

    Typically a report should include three major sections:
    1. Mgmt Summary - Basically an overview of the work carried out, in-scope Devices/Sites/IP addresses and high-level results in non-tech speak so that Management can understand. Should include a paragraph pointing out where results were good (a report should not be all negative even though that is what you're trying to find), and major issues should be called out in non-tech speak.

    2. Technical Findings - Detailed results, which should be prioritized by risk. Each finding should include a description of the issue with detail so it can be reproduced, screenshots etc., a rating of some sort (Severity, Likelihood, overall rating) and S.M.A.R.T recommendations to resolve.

    3. Results Section - Results of all tests carried out; include screenshots, evidence too big for Technical Findings etc. This can be one of the most important sections of a report, e.g. if doing a Web app pentest it will help track progress and ensure you're covering the entire Web App from an OWASP Top 10 perspective (also, if the Web app is secure, it helps prove you did test it :D)

    As I said, the above would be a technical test; each section is aimed at an audience and each will have different requirements from it. The below example is off the top of my head so please forgive the technical mistakes :pac:


    So for section 1, a Manager may be "paying for" the review but may not have been the one who asked for it to be done (e.g. required by Risk Function). The manager will not want to know, or not be able to understand, the technical details. They may also not be sure what the test/review was about, so include an in-scope section, a brief overview of what was tested and high-level details of major issues.

    So for example this level might be appropriate:

    Scope: X web site (www[.]xwebsite[.]ie)
    High-level issues

    Issue 1 - Critical

    Title: It is possible to access user data with the correct permissions.
    "User session mgmt is not secure in the Web application; this allows one user to potentially see the account details/activity/data of another. It is recommended that each user session has a secure token assigned and that this token be checked each time a user makes a request."

    Manager now knows something is wrong which might affect the privacy of users

    Section 2 for the same might be (target is the dev):
    Title: User sessions are not handled securely.


    Severity: High, Likelihood: Likely, Rating: Critical
    The session cookie is only checked at the beginning of the session and not after this, so it is possible for test user 1 to request test user 2's details etc.

    Insert images for proof and URL so the dev can reproduce

    Recommendations: Ensure that all requests made by a user require that the session cookie be checked to ensure the user is entitled to access the Data.

    Section 3 would just contain a Statement that the test was carried out and the results.
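
The three-section layout described in the answer above, as an added example that is not part of the original posts: a small generator that rates findings, orders them by risk and emits the management summary, technical findings and results sections. The numeric scales, rating bands, field names and sample data are assumptions made for illustration; only the High + Likely = Critical rating comes from the thread.

```python
from dataclasses import dataclass, field

# Assumed scales; the post gives only one data point: High + Likely -> Critical.
SEVERITY = {"Low": 1, "Medium": 2, "High": 3}
LIKELIHOOD = {"Unlikely": 1, "Possible": 2, "Likely": 3}
BANDS = [(9, "Critical"), (6, "High"), (3, "Medium"), (0, "Low")]

@dataclass
class Finding:
    title: str           # technical title (section 2)
    summary: str         # plain-language wording (section 1)
    severity: str
    likelihood: str
    detail: str          # enough for the developer to reproduce
    recommendation: str
    evidence: list = field(default_factory=list)  # screenshot / URL references

    @property
    def score(self):
        return SEVERITY[self.severity] * LIKELIHOOD[self.likelihood]

    @property
    def rating(self):
        return next(name for floor, name in BANDS if self.score >= floor)

def build_report(scope, findings, tests):  # tests: (name, "pass"/"fail") per test run
    ranked = sorted(findings, key=lambda f: f.score, reverse=True)
    out = ["1. Management Summary", f"Scope: {scope}", "Went well: " + ", ".join(
        name for name, outcome in tests if outcome == "pass")]
    out += [f"Issue {i} - {f.rating}: {f.summary}" for i, f in enumerate(ranked, 1)
            if f.rating in ("Critical", "High")] + ["2. Technical Findings"]
    for i, f in enumerate(ranked, 1):
        out += [f"Finding {i}: {f.title}",
                f"Severity: {f.severity}, Likelihood: {f.likelihood}, Rating: {f.rating}",
                f"Detail: {f.detail}", f"Recommendation: {f.recommendation}",
                "Evidence: " + (", ".join(f.evidence) or "TODO: attach proof")]
    out += ["3. Results"] + [f"{name}: {outcome}" for name, outcome in tests]
    return "\n".join(out)

# Constructed sample data; the session finding paraphrases the post's example.
SAMPLE_FINDINGS = [
    Finding("Verbose error pages", "Error pages reveal internal details.", "Low",
            "Possible", "Stack trace shown on bad input.", "Return generic error pages."),
    Finding("User sessions are not handled securely", "One user may see another's data.",
            "High", "Likely", "Session cookie is only checked at the start of the session.",
            "Check the session cookie on every request.", ["constructed-screenshot.png"]),
]
SAMPLE_TESTS = [("Session management", "fail"), ("Transport security", "pass")]
if __name__ == "__main__":
    print(build_report("www[.]xwebsite[.]ie", SAMPLE_FINDINGS, SAMPLE_TESTS))
```

Only Critical and High findings reach the management summary, while every finding and every test outcome still appears in sections 2 and 3.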


  • Closed Accounts Posts: 1,758 ✭✭✭Pelvis


    Many thanks murphk for taking the time.

