Let's make pentesting fun again! Report writing in 5 minutes.



SLIDE 1

Adrian Furtună

Founder & CEO https://pentest-tools.com

Let's make pentesting fun again!

Report writing in 5 minutes.

Fab România

SLIDE 2

Pentest reporting

2018 https://pentest-tools.com 2

SLIDE 3

Pentest reporting

SLIDE 4

Background info

SLIDE 5

About me

# Ex-fulltime pentester

  • 10+ years of experience in ethical hacking & IT security
  • Reformed programmer

# Founder of Pentest-Tools.com

# Associate professor @ MTA, UPB

# Speaker at security events and conferences:

  • Hack.lu - Luxembourg
  • Hacktivity – Budapest
  • ZeroNights - Moscow
  • Defcamp - Bucharest
  • OWASP Romania, etc.

SLIDE 6

Pentest-Tools.com

# We help companies become resilient against cyber attacks

  • Self-security assessment service
  • Periodic scans & notifications
  • Recommendation for fixing the issues
  • 25+ essential tools
  • Updated
  • Configured
  • Ready to run

20% Effort 80% Security Coverage

SLIDE 7

Website activity

# 1,4 million users last year

# Organic growth

Audience Overview (Google Analytics)

Company started

SLIDE 8

Our customers

# > 3000 customers

# 120 countries

# 80% companies (SMEs)

# 20% individuals

SLIDE 9

Back to pentest reporting

SLIDE 10

Solution 1

# Copy-paste from previous reports

  • What was the latest good version?
  • Search for findings in multiple reports
  • Adapt to the current client (!)

SLIDE 11

Solution 2

# Make your own report generator tool

  • Who makes it?
  • Who maintains it (bug fixing, new features, updates, etc.)?
  • Who keeps it updated and clean with the latest findings?

SLIDE 12

Solution 3

# Use a third-party report generation tool

  • Serpico:
      • https://www.serpicoproject.com
      • https://github.com/SerpicoProject/Serpico
  • VulnReport:
      • http://vulnreport.io/
      • https://github.com/salesforce/vulnreport

# Challenges:

  • Deployment & Initial configuration
  • Learning a new reporting tool
  • Importing scan results

SLIDE 13

Our solution

# Cloud-based

# Scanning Tools => Results => Reporting (.docx)

SLIDE 14

Pentest-Tools.com

# DEMO

SLIDE 15

Vouchers - 300 Free Credits

# https://pentest-tools.com/register

  • Voucher code: DEFCAMP2018

=> Obtain 300 Free Credits in your new account

SLIDE 16

Our team

Vlad Turcanu, Eusebiu Boghici, George Pitis, Adrian Furtuna

Advisors

Andrei Pitis, Diana Olar, Mihai Burduselu, Andrei Damian

SLIDE 17

Thank you!

Adrian Furtună

adrian.furtuna@pentest-tools.com

Fab România