How To Write A Penetration Testing Report
ฝัง
- เผยแพร่เมื่อ 31 ก.ค. 2022
- This video outlines the importance of penetration testing reports and what makes up a good penetration testing report.
//LINKS
Penetration Test Reports: pentestreports.com/
SANS Whitepaper: www.sans.org/white-papers/33343/
//PLATFORMS
BLOG ►► bit.ly/3qjvSjK
FORUM ►► bit.ly/39r2kcY
ACADEMY ►► bit.ly/39CuORr
//SOCIAL NETWORKS
TWITTER ►► bit.ly/3sNKXfq
DISCORD ►► bit.ly/3hkIDsK
INSTAGRAM ►► bit.ly/3sP1Syh
LINKEDIN ►► bit.ly/360qwlN
PATREON ►► bit.ly/365iDLK
MERCHANDISE ►► bit.ly/3c2jDEn
//BOOKS
Privilege Escalation Techniques ►► amzn.to/3ylCl33
Docker Security Essentials (FREE) ►► bit.ly/3pDcFuA
//SUPPORT THE CHANNEL
NordVPN Affiliate Link (73% Off) ►► bit.ly/3DEPbu5
Get $100 In Free Linode Credit ►► bit.ly/39mrvRM
Get started with Intigriti: go.intigriti.com/hackersploit
//CYBERTALK PODCAST
Spotify ►► spoti.fi/3lP65jv
Apple Podcasts ►► apple.co/3GsIPQo
//WE VALUE YOUR FEEDBACK
We hope you enjoyed the video and found value in the content. We value your feedback, If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms.
//THANK YOU!
Thanks for watching!
Благодарю за просмотр!
Kiitos katsomisesta
Danke fürs Zuschauen!
感谢您观看
Merci d'avoir regardé
Obrigado por assistir
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
-----------------------------------------------------------------------------------
#cybersecurity #hacking - วิทยาศาสตร์และเทคโนโลยี
Despite studying med of all things I have to say this channel would be an absolute gold mine if I was studying/practicing in this field.
More future videos about this because most of the ethical hacking videos related on other youtube channels focus more on hacking and no writing reports which is the one of the things to conduct a penetration testing or ethical hacking
I want to be chosen of one of the eJPTv2 certification for free this coming august 8 - september 8. I hope so.
Can we hacking server side games? Like Mobile Legends?
@@spwkdnddjwbwbshdj407 I think yes if there is vulnerability on the app cause the app or the client communicates to the server, therefore any connection is possible of hacking but I think that would be difficult. I'm beginner to this field so base on my research and understanding, the app is program to what data is sent to the server (when it comes to that online games) so changing the data sent to server wouldn't work (especially when the server handles data and errors very properly). This is broad topic and difficult to explain. But for me, yes, it is possible.
@@spwkdnddjwbwbshdj407 you can compromise anything. Nothing is un-hackable. Now, it’s your job to figure out how…
Please do more series of write-ups, etc. IMO, this will fundamentally help a lot of people in writing for Cybersecurity
Always love seeing vids that dig in to the aspects of pen testing that might not be as attention grabbing as others
Never have I regretted subscribing to this channel ❤️
okay thank you
Wow thought u would be back last week from the post u made on TH-cam. No matter good to see u here again
Thanks for releasing this video content which I am really interested in. I am loving your eJPT v2 training at INE.
Sir,can server side games be hacked?
HackerSploit great content and awesome topic to go over. Can't until the next vlog of this series!
Thats awesome! Great way to help others with that challenge
Thanks, we need more videos like that for documentation.
im an enthusiastic junior BackEnd dev with a keen of interest about the ethic of penetration testing/bug testing... i wanted to take you a lot of massive thanks for shared this guide.
Thank you so much for this valuable content.
Welcome back brodie!
Thank you for this topic!
bro iloveyou
ive been following for years just subscribed
thank you for the video it really help me to have a point to start!
I was waiting for this from long time, A big Thank u Ahmed👍 When will you start Web App Pentesting series? I am waiting!
Great video sir 😍😍my fav youtuber
You are always osm and always delived best content...♥️💯
now that's more like it real world problem many ignores but important how to properly write the report thank man
omg man you are a living god .. much love
An light note, in the near future please also do a video on USSD service pentesting & Mobile pentesting (dynamic analysis).
@HACKERSPLOIT That is a great deal with you reviewing on livestream(s) some of those practice reports written by your 'students' that take part in that/those CTF challenges then write up reports (for practice and learning).
thank u, sir. i also enjoy your other channel, Depths of Despair.
Thanks! I will use this for eCPPT! On Feb 6th!
dope video!
thankyou so much!
It would be great to know what software they used to design the penetration test report in the pentestreports examples.
im wondering if i should take one of your courses on udemy?
per this video, most excellent. I am a technical writer since my degree is in aerospace ad biomedical engineering. I have had papers of mine publised by the IEEE before and its a very important skill to have.
I used to be a cyber security professional back in 2007 but then decided to go back to school for areospace and biomedical. HOWEVER, i still do this as a hobby. thanks for all your hard work that you do for making these videos for us.
thank you for this ethicle hacking ful leson , good luck
Thankyou soo much sir from India 🇮🇳 to share such a most valuable knowledge ... Can you please make a full eWPT playlist thank you in advance
Very helpfull man. Thanks a lot. And also, could you make a video about Kodachi Linux ??
nice one
Please make a course on Threat Hunting!!
Thank bro
Gonna watch these even though I can’t pentest to write a report on yet lol
Thanks for sharing your wisdom with people. Is there any way to contact you discuss some my idea for really good stuff.?
Guys when and where does he usually stream? Are streams being recorded anywhere?
who determines the level of the vulnerability or severity? How do I know what level to put it in?
here is my basic outline
Coverpage, Document Properties, Table of Content, Executive Summary, Scope and Limitation, Methodology, Technical Findings, Annexes
just sharing :)
Thanks sploit
Supposing you installed a Linux system and want to use it as your personal PC doing important stuff on it. How to check if it has backdoors or not for sure? Thank you in advance!
Is Windows 8.1pro, Amd Sempron s-42 cpu good for Cybersecurity?
* A good penetration testing report will need to communicate your findings in a structured methodological format:
1. Assessment Overview - Outlines how the assessment was planned, organized and orchestratened.
What guidelines/testing methodologies were used ( PTES, OWASP etc )
Planning -> Discovery -> Attack -> Reporting
2. Severity Ratings - Explains how vulnerability severity is calculated, displayed and color coded. ( Typically CVSS score )
3. Risk Factors
4. Scope
Clearly defined and agreed upon scope and any exclusions.
Specific client allowances need to be documented.
5. Executive Summary - Report tailored for C-Suite/Executives ( what performed and found )
Highlight the strengths and weakness - what the company did right and wrong.
Summary - final grade card.
6. Techical Findings
Description/summary of vulnerability or finding.
Target system/IP/domain
Severity
Risk(Likelihood, impact)
Tools used
References
Evidence(screenshots, tool output, ensure the exploitation process is verifiable)
Remediation/Patching
Which programming language should I learn First to Be a Hacker (C , C++ or Python)
Which is the best Laptop for penetration testing in 2022
On the OSCP are you given the IP?
can you make like a top tier of the safest android phones ? i whant to get something good thats its hard for hackers to exploit
Sir I want to start my journey in hacking world can you plz suggest me from which topic I start my journey from your playlist
Information gathering bro
Good afternoon
When I type htop I see
PID# and USER - rtkit
What is this???
Expending this there are two open source tools that can be help full in writing penetration testing reports like ghost writer and petereport bith offers Uniq features.
💯
Dude please help someone somehow exploited my pc im very poor i cant afford new pc how to remove eternablue 2 from my pc
👏👏
So please I was wondering if let’s say someone doesn’t have a laptop at this moment so please can that person use his phone to study the basics of Linux and python for the meantime?
And really understand everything?
Please and if that’s possible please show us the roadmap into learning all the basics of ethical hacking with their phone.
( the person is a complete beginner who doesn’t know any thing about both stuffs)
Yo man ! Where are you ?
Guys anybody help me i can't scan nmap in linux it's showing error
How should get a mobile number from mobile ip address is it possible broo then how
Can I have the powerpoint presentation file?Plz❤❤❤❤
eJPTv2 !!!
The discord invite linked is showing as invalid
Is he having the streams on discord?
@@suttercane6718 no idea
how to create threat map, thanks HackerSploit
Why new videos on hacking coming
I want to be a hacker, can someone tell me from where to start and provide good content to follow? I will be thankful and pray for you. 😐
Search on this youtube "the cyber mentor how to be ethical hacker", that is a guide but your path will not be exactly what he said, but the foundation of linux, networking is really important. And after you learn the fundamentals, this channel hackersploit is one of the best channel for learning exploit like network and web. Just stay curious and consistent to learn
Get a computer with kali linux.
Learn and practice using the command line/ terminal.
Learn the basics of computer programming theory. This will help you with learning any programming language.
Learn python
Learn how computers send and receive information. Example. In your computer the information is digital. It goes through your modem (digitized/dedigitized) it is turned in to analog to move along the wires. Then it is turned back into digital at the other end.
Learn about servers, ports, routers, how wifi works and the different frequencies.
Learn what the kali tools do and how to use them.
After you learn theory and python, find the source code for a few programs and break them down and identify what each command is doing.
Null byte ,network chuck, engineer man are a few places to start.
DO NOT PRACTICE ON SOMEONES MACHINE WITHOUT PERMISSION. get a cheap used computer that nobody wants, put linux on it, connect it to your network and practice finding its vulnerabilities.
Once you learn a little, try Hack the Box.
Good luck and above all have fun. If it isn't fun it isn't for you. 😎
Take care.
@@h_r7708 I appreciate your response.
Bro I know the basics of Networking, Websites(I am mern stack developer), Databases, Linux I just want a complete series of videos/any other content to follow. I am unable to find good content that actually teaches hacking rather than wasting my time.
Other than this can you tell me how much time will it take me to become a hacker? I can give 3 to 4 hours on daily basis.
@@justkiddieng6317 I appreciate your response.
Bro I know the basics of Networking, Website Apps(I am mern stack developer), Databases and Linux. I just want a complete series of videos/any other content to follow. I am unable to find good content that actually teaches hacking rather than wasting my time. Thanks for providing the guidance, any other YT channel if you can tell me about?
Other than this can you tell me how much time will it take me to become a hacker? I can give 3 to 4 hours on daily basis.
He said he was working on super very exiting stuff but its not true he was just trying to finish hes fuckin reports on time haha joke this reporting part of the job is making me hate it some times ^^ All those skills and training to finish with WORD, NetSparker and Nessus ^^ and no time to play :/
How to break Android screen lock password
Linux > windows
Really a good content! Thank you Hackersploit!
Dear , @HackerSploit please provide your discord link .