Notes Template Structure

During the penetration testing, it's important to be very organized from the beginning and take notes of each pentest phase and finding.

We can use a notetaking application like: OneNote, Evernote, Notion, Cherrytree,...

Starting with a template helps you starting organized from the beginnig and will save you a lot of time when writing the final Report.

An example OneNote (also applicable to other tools) structure may look like the following for the discovery phase:

External Penetration Test Template - <Client Name>

Scope

(including in-scope IP addresses/ranges, URLs, any fragile hosts, testing timeframes, and any limitations or other relative information we need handy)

Client Points of Contact

Credentials

Discovery/Enumeration

Scans

Live hosts

Application Discovery

Scans

Interesting/Notable Hosts

Exploitation

<Hostname or IP>

Post-Exploitation

<Hostname or IP>

PreviousBasics NextNmap favorites

Last updated 1 day ago