Offensive Security Penetration Test Report 2013

Penetration Test Report 2013

Offensive Security

Download Now

Offsec Pentesting Report Updated

We are proud to release a newly updated sample penetration test report. This report accurately reflects the types of assessments we conduct for our clients, incorporating changes we have made over the last two years based on customer feedback, as well as reflecting many of the types of attacks we have found to be effective in multiple customer environments.

Our last publicly released penetration test sample report generated a lot of discussion on what should, and should not, be in a report. Blogs were inspired by it, universities have used it in classes as part of their courseware, and overall it has become the gold standard that other reports are compared to.

While a lot of that is flattering, there is something important to remember: Our penetration test reports are designed to convey information that is relevant for the type of penetration tests that we conduct. We strive to structure our penetration tests in a manner that accurately simulates the actions of a highly skilled malicious party conducting a targeted attack against your organization.

Many organizations will conduct assessments in support of audit or other compliance efforts. These assessments bring with them their own reporting requirements, which are not reflected in our example, simply because we do not conduct compliance-based assessments. We encourage everyone who wants to use this report as an example for their own work to think critically about what they are trying to communicate and how best to do it. Don’t just blindly copy this format, as the results won’t be what you are looking for.

Offsec Pentesting Report

Often times, our customers are organizations that have been through multiple rounds of assessments and are having trouble finding a vendor that is up to the challenge of a highly secured environment. The attack simulations that we conduct are highly customized to the targeted organization and many involve the discovery and development of 0-day attacks.

Our reporting format is designed with these customers in mind. We strive to provide a clear narrative that demonstrates how controls are bypassed in addition to direct recommendations on how to mitigate or prevent successful attacks. Give it a read, and see if its right for you.

What is a Pen Test?

Interested in learning more about our penetration testing services? We’re more than happy to discuss your pentesting needs. Call Offsec today!

Previous Post
Advanced Windows Exploitation Vienna
Next Post
Penetration Testing with Kali Linux at Black Hat Seattle Dec 9th-12th

Related Posts

Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE