1. Cover page Pentest Report Outline 2. Report properties 3. Report index 4. Executive summary a....

Transcribed Image Text:

1. Cover page Pentest Report Outline 2. Report properties 3. Report index 4. Executive summary a. Project title b. Client name c. Report version d. Author information e. Date a. Client information b. Pentesting company's information c. Pentester information d. Information about any other people involved in the project a. Table of contents, main topics and page numbers, subheadings don't need page numbers b. Table of figures a. Objectives 5. List of findings b. Scope c. Authorizations d. Assumptions e. Timeline f. Summary of test (brief narrative of how attack was conducted end to end), most critical findings, overview of methodology used, high level recommendations a. Summary list of findings in a table, includes vulnerability, affected hosts/devices, impact, risk 6. Findings in detail - for each vulnerability a. Definition of vulnerability b. Root cause of vulnerability c. Proof of concept, description of method used, screenshot, data gathered d. Impact of successful exploit of vulnerability e. Likelihood, how easy to exploit vulnerability, is exploit publically available, does it require physical/WAN/LAN access, is it repeatable f. Resultant risk g. Recommendation for mitigation 7. Supporting documentation a. Methodology b. Tools used c. Appendix, other information you feel would be valuable to reader. This is extra information, not essential information d. References e. Glossary - define technical terms Happy Accident Labs "Smarticle Particles for Better Living" Hi, welcome to Happy Accident Labs. My name is Bill Winnicott and I'm the CIO here. We are a new start-up in Omaha, Nebraska focused on developing miniature (I mean really small) Internet of Things (IoT) devices which will serve as personal assistants, they will do everything from search information on the web, to manage your schedule, to order groceries or take-out when your fridge is empty. We call them smarticle particles. We are real excited and are just about to get our second round of venture capital funding, we can't afford any missteps right now. And, that's why we hired you. Our team is 100% focused on getting to our next prototype so our IT system has been pretty much flung together. It works, and up to this point we have seen little need to change what we are doing. One of our potential investors is very concerned that our intellectual property (IP) may be stolen and a competitor could beat us to market. We don't think that is a possibility but the investor has required that we have a penetration test done prior to him putting his money on the line. We've been told we need a black-box test, hope you know what that means because none of us do. Our chief scientist who is a physicist thought it may have something to do with a cat but we doubt that is the case. So, what we need is a black-box penetration test of our network, we want to know if there are any vulnerabilities we must address to keep our IP safe and secure. We would also like your recommendations of what we should do to address the vulnerabilities you find. When you are complete we need a penetration test report with your recommendations. The scope of the test is our entire organization network. You have permission to conduct the test on all company owned assets but not on the networks of any of our clients or suppliers. This means any services we outsource, such as our public website, can be viewed but you may not attempt to hack it. Our teams can't stop work while you do the test so although you can use any access you gain you are not allowed to impact the operation of any system. If you have any questions let me know. Good hunting. 1. Cover page Pentest Report Outline 2. Report properties 3. Report index 4. Executive summary a. Project title b. Client name c. Report version d. Author information e. Date a. Client information b. Pentesting company's information c. Pentester information d. Information about any other people involved in the project a. Table of contents, main topics and page numbers, subheadings don't need page numbers b. Table of figures a. Objectives 5. List of findings b. Scope c. Authorizations d. Assumptions e. Timeline f. Summary of test (brief narrative of how attack was conducted end to end), most critical findings, overview of methodology used, high level recommendations a. Summary list of findings in a table, includes vulnerability, affected hosts/devices, impact, risk 6. Findings in detail - for each vulnerability a. Definition of vulnerability b. Root cause of vulnerability c. Proof of concept, description of method used, screenshot, data gathered d. Impact of successful exploit of vulnerability e. Likelihood, how easy to exploit vulnerability, is exploit publically available, does it require physical/WAN/LAN access, is it repeatable f. Resultant risk g. Recommendation for mitigation 7. Supporting documentation a. Methodology b. Tools used c. Appendix, other information you feel would be valuable to reader. This is extra information, not essential information d. References e. Glossary - define technical terms Happy Accident Labs "Smarticle Particles for Better Living" Hi, welcome to Happy Accident Labs. My name is Bill Winnicott and I'm the CIO here. We are a new start-up in Omaha, Nebraska focused on developing miniature (I mean really small) Internet of Things (IoT) devices which will serve as personal assistants, they will do everything from search information on the web, to manage your schedule, to order groceries or take-out when your fridge is empty. We call them smarticle particles. We are real excited and are just about to get our second round of venture capital funding, we can't afford any missteps right now. And, that's why we hired you. Our team is 100% focused on getting to our next prototype so our IT system has been pretty much flung together. It works, and up to this point we have seen little need to change what we are doing. One of our potential investors is very concerned that our intellectual property (IP) may be stolen and a competitor could beat us to market. We don't think that is a possibility but the investor has required that we have a penetration test done prior to him putting his money on the line. We've been told we need a black-box test, hope you know what that means because none of us do. Our chief scientist who is a physicist thought it may have something to do with a cat but we doubt that is the case. So, what we need is a black-box penetration test of our network, we want to know if there are any vulnerabilities we must address to keep our IP safe and secure. We would also like your recommendations of what we should do to address the vulnerabilities you find. When you are complete we need a penetration test report with your recommendations. The scope of the test is our entire organization network. You have permission to conduct the test on all company owned assets but not on the networks of any of our clients or suppliers. This means any services we outsource, such as our public website, can be viewed but you may not attempt to hack it. Our teams can't stop work while you do the test so although you can use any access you gain you are not allowed to impact the operation of any system. If you have any questions let me know. Good hunting.