< COMPANY NAME >

Penetration Test Report

Version 1.0

Author Your Name

Issue Date Report Submission Date

Table of Contents
1.0 <Company Name> Penetration Test Report 2
1.1 Introduction........................................................................................................................................................2
1.2 Scope..................................................................................................................................................................2
2.0 Executive Summary 3
2.1 - Recommendations..........................................................................................................................................3
3.0 Risk Assessment ………………………………………………………………………………………………… 4

3.1 - Likelihood......................................................................................................................................................4
3.2 - Impact.............................................................................................................................................................4
4.0 Findings Summary ……………………………………………………………………………………………………………………………. 5

5.0 Vulnerbility and Remedetion Report 6

6.0 Infromation gathering ………………………………………………………………………………………………………………………. 7

7.0 High Findings……………………………………………………………………………………………………………………………………. 8

7.1 - XXXXXX.......................................................................................................................................................8

8.0 Medium Findings…………………………………………………………………………………………………….………………………..38

8.1 - XXX XXX....................................................................................................................................................38

9.0 Low Findings…………………………………………………………………………………………………………………………………….45

9.1 - XXX XXXXX XXXX.................................................................................................................................45

Confidential Final Version 1|Page

1.0 <COMPANY NAME> Penetration Test Report

1.1 Introduction

Subject of this document is summary of penetration test performed against web applications owned by <Company
Name> company. Test was conducted according to rules of engagement defined and approved at the beginning by
both parties – customer and contractor. Black-box pentesting assignment was requested.

Black-box penetration test classification means that penetration tester has no internal knowledge about target system
architecture. He/she can use information commonly available on the Internet. More data can be collected during
reconnaissance phase based on observation of target system behavior. Black-box penetration test results gives
overview of vulnerabilities exploitable from outside the company network. It shows how unauthenticated actor can
take advantage of weaknesses existing in tested web application.

Time frame defined:

Penetration test start: XXXXX,

Penetration test end: XXXXXX.

1.2 Scope
To perform a Black Box Web Application Penetration Test against the web applications of the organization named
<Company Name>.

This is what the client organization defined as scope of the tests:

 Dedicated Web Server: X.X.X.X

 Domain: domain.com

 Subdomains: all subdomains

2.0 – EXECUTIVE SUMMARY

Conducted penetration test uncovered several security weaknesses present in web applications owned by <Company
Name> company

Confidential Final Version 2|Page

When performing the penetration test, there were several alarming vulnerabilities that were identified on <Company
Name> networks. When performing the attacks, I was able to gain access to multiple XXXX, primarily due to
outdated patches and poor security configurations. During the testing, I had XXXXXX access to XXXX portal.
These systems as well as a brief description:

 Subdomain Found: X

 X High, X Med, X Low issue has been identified.

2.1 – Recommendations

I recommend patching the vulnerabilities identified during the testing to ensure that an attacker cannot exploit these
systems in the future. One thing to remember is that these systems require frequent patching and once patched,
should remain on a regular patch program to protect additional vulnerabilities that are discovered at a later date.

3.0 – RISK ASSESSMENT

3.1 Likelihood

Confidential Final Version 3|Page

The likelihood is a measurement of the capacity to carry out an attack. The factor will be the difficulty or skill
required to carry out the attach.

Risk Description

Critical An attacker is near-certain to carry out the threat event

High An untrained user could exploit the vulnerability. The vulnerability is obvious or easily
accessed

Medium The vulnerability required some hacking knowledge to carry out the attack

Low The vulnerability required significant time, skill , access and other resource to carry out the
attack

3.2 Impact
The impact is a measurement of the adverse effect carrying out an attack would have on the
organization.

Risk Description

Critical An attack would cause catastrophic or severe effect on operation, asset or other organization

High An attack would severely degrade mission capability. The attack may result in damage to
asset( data exposure)

Medium An attack would degrade the mission capability. An attack would allow for primary function to
application to resume, but at reduced effectiveness

Low An attack would degrade mission capability in a limited capacity. The attack may result in
marginal damage to assets

4.0 -- FINDINGS SUMMARY

Confidential Final Version 4|Page

Findings Likelihood Impact Rating Status

XXXXXXX Medium Critical High Open

XXXXXXXXXXXX Medium Critical High Open

XXXXXXXXXXX High High High Open

XXXXXXXXXX Medium Critical High Open

XXXXXXXXXX High High High Open

XX XXXXX XXX XXXXX Medium High High Open

XXX XXXXX XXX XXXXX Medium Medium Medium Open

XXX XXXXX XXX XXXXX Medium Medium Medium Open

XXX XXXXX XXX XXXXX High Medium Medium Open

XXX XXXXX Medium High High Open

XXX XXXXX Low Low Low Open

XXX XXXXX XXX XXXXX Low Low Low Open

XXX XXXXX XXX XXXXX Low Low Low Open

XXX XXXXX Low Low Low Open

XXX XXXXX Low Low Low Open

XXX XXXXX Low Low Low Open

Confidential Final Version 5|Page

5.0 – VULNERABILITY & REMEDATION REPORT

Penetration test finding classification, description and recommendations mentioned in the report are taken mostly
from OWASP TOP 10 project documentation available on site:
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project.

The OWASPT TOP 10 is list of definitions of web application vulnerabilities they pose the most significant security
risks to organization when exploited.

Vulnerability Summary

< UPLOAD SOME CHARTS >

Confidential Final Version 6|Page

6.0 – INFROMATION GATHERING

The information gathering portion of a penetration test focuses on identifying the scope of the penetration test. I
started the pentest with finding all subdomains.

I have used multiple tools to make sure that I haven’t missed any domain.

Tools Used:

1) WFUZZ

2) Virustotal

3) Sublist3r

Above tools discovered multiple subdomains, the working one’s are below:

Confidential Final Version 7|Page

5.0 High Findings

5.1. Title: XXXXXX XXXXXXXXX

Rating: High
URL:
Description:

Proof of Concept:
Step 1
Step 2:
Step 3:

Remediation Steps:

Confidential Final Version 8|Page

6.0 Medium Findings

6.1. Title: XXXX XXXXXX

Rating: Medium
URL:
Description:
Proof of Concept:
Step 1:

Step 2:

Step 3:

Remediation Steps:

Confidential Final Version 9|Page

7.0 Low Findings

7.1. Title: XXXX XXXX XX

Rating: Low
URL:
Description :

Proof of Concept:

Step 1 :

Step 1 :

Step 1 :

Remediation Steps:

Confidential Final Version 10 |

Page