Reporting
This brings us to the final, and some would say most boring, part of the test; however, if you followed the previous phases, reporting shouldn't be tedious or difficult. I try to make notes as I go along, either on paper or using Dradis, a built-in Kali tool, which can be summoned with service dradis start. Keep in mind that it is a web service, so anyone on the LAN would be able to access it using the https://IP of kali machine:3004 URL – at first run, it will prompt you to set a password.
Dradis allows you to import files from Nmap, NESSUS, NEXPOSE, and a few others, this makes taking notes when working with teammates hassle-free; you can easily share info and keep updated with the most recent results from scans.
推薦閱讀
- Web漏洞分析與防范實(shí)戰(zhàn):卷1
- 數(shù)字身份與元宇宙信任治理
- Metasploit Penetration Testing Cookbook(Second Edition)
- 計(jì)算機(jī)使用安全與防護(hù)
- Preventing Digital Extortion
- CTF競(jìng)賽權(quán)威指南(Pwn篇)
- INSTANT Apple Configurator How-to
- 黑客攻防從入門(mén)到精通
- 網(wǎng)絡(luò)空間安全:拒絕服務(wù)攻擊檢測(cè)與防御
- 黑客攻擊與防范實(shí)戰(zhàn)從入門(mén)到精通
- Android Application Security Essentials
- 云計(jì)算安全:關(guān)鍵技術(shù)、原理及應(yīng)用
- 社會(huì)工程:防范釣魚(yú)欺詐(卷3)
- 黑客攻防從入門(mén)到精通:黑客與反黑客工具篇(第2版)
- ATT&CK與威脅獵殺實(shí)戰(zhàn)