Re: Some help on methodologies and reports

From: m.delibero@comcast.net
Date: Wed Dec 27 2006 - 20:04:16 EST


Nikolaj,

  If you are running windows you can try the OWASP Report Generator.

  http://www.owasp.org/index.php/ORG_%28Owasp_Report_Generator%29

  Thanks,
  Mike de Libero
 -------------- Original message ----------------------
From: Nikolaj <lorddoskias@gmail.com>
> I would like to ask a few question concerning some aspects of
> penetration testing.
>
> A friend setup a little lan to mimic an ISP. He has different services -
> ranging from mysql to nagios etc. I was able to penetrate one of the
> server which let me to another and so forth. Eg. I penetrated his
> network. Now I want to create a legit report, so that it looks like a
> real one. Can you give me links or some hints on what should one such
> report include? Maybe there are drafts somewhere.
>
> I feel that what I did was more plain hacking than just pen testing.
> What are the differences between them, except the business relationship.
>
> Regards.



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:30 EDT