A good penetration test report can be broken down into the following format:
- Page design
- Document control:
- Cover page
- Document properties
- List of the report content:
- Table of contents
- List of illustrations
- Executive/high-level summary:
- The scope of the penetration test
- Severity information
- Objectives
- Assumptions
- Summary of vulnerabilities
- Vulnerability distribution chart
- Summary of recommendations
- Methodology/technical report
- Test details
- List of vulnerabilities
- Likelihood
- Recommendations
- References
- Glossary
- Appendix
Here is a brief description of some of the essential sections:
- Page design: Page design refers to selecting fonts, headers, and footers, colors to be used in the report, and so on
- Document ...