Restructure code: split features into separate files

pages/boxes.typ

@@ -0,0 +1,26 @@
+
+#let render() = {
+  [
+    == Penetration Testing Box Scenarios
+
+    Penetration testing engagements are classified by the level of information provided to the testing team. This classification directly impacts the methodology, scope, and findings. The three standard scenarios are *Black Box*, *Grey Box*, and *White Box*. While Black Box and White Box refer to quite clear and precise situations, Grey box is a bit vague, in-between of both. Due to this, these terms should always be interpreted in the current situation and not be seen as precise and clear terminology. Nonetheless, the selection of the box scenario directly determines the scope of findings and realism of threat simulation. Black box tests external risks, grey box evaluates insider-adjacent threats, and white box provides the deepest technical analysis.
+
+    === Black Box Testing
+
+    The testing team has no prior knowledge of the target system (e.g., internal architecture, source code, credentials, or network topology). Testing simulates an external attacker with only publicly available information. The purpose is to evaluate realistic attack surfaces, unpatched vulnerabilities exposed to the internet, and the effectiveness of perimeter defenses.
+
+    For example: a penetration test against a company’s public-facing e-commerce website (`www.maride.inv`). Testers are provided only the domain name and must identify vulnerabilities using only publicly available and gathered information. No access to internal systems or credentials is granted.
+
+    === Grey Box Testing
+
+    The testing team is provided limited, realistic information (e.g., user credentials, network diagrams, or documentation). This simulates a threat actor with compromised credentials or insider access. The purpose is to bridge the gap between external and internal testing; uncover vulnerabilities exploitable by authenticated users or partial insider knowledge.
+
+    For example: testing a corporate web application where testers are given a low-privileged user account (e.g., "standard employee" credentials). Testers identify issues like privilege escalation, insecure data handling, or business logic flaws that an internal user could exploit.
+
+    === White Box Testing
+
+    The testing team has complete, detailed access to the target system (e.g., source code, infrastructure diagrams, credentials, and system configurations). This simulates a highly motivated insider threat with deep system knowledge. The purpose is to perform exhaustive code-level analysis, identify root causes of vulnerabilities, and validate secure development practices.
+
+    For example: reviewing the source code of a custom mobile banking application. Testers are provided full access to the code repository, database schemas, and API documentation to identify flaws like hardcoded secrets, cryptographic misconfigurations, or insecure API endpoints.
+  ]
+}

pages/cover.typ

@@ -0,0 +1,48 @@
+#import "marks.typ"
+
+#let render(title, place, author, reportType, confidential: false, tlp: none, draft: false) = {
+  // Define page
+  set page(
+    background: [
+      #image("title.png")
+    ],
+    margin: (
+      top: 50%
+    )
+  )
+  // Reset counter
+  counter(page).update(n => n - 1)
+  
+  text(size: 32pt, [
+    #text(reportType)\ 
+    #text(title, weight: "black")
+  ])
+
+  v(0.25pt)
+  
+  text(size: 16pt, [
+    #place, #datetime.today().display("[day].[month].[year]")
+
+    #author
+  ])
+
+  v(1fr)
+
+  grid(
+    columns: (1fr, 1fr, 1fr),
+    gutter: 5pt,
+    rows: (75pt),
+    // "Confidential" marking
+    if confidential {
+      marks.confidential()
+    },
+    // "Draft" marking
+    if draft {
+      marks.draft()
+    },
+    // TLP marking, see https://www.first.org/tlp/
+    if tlp != none {
+      marks.tlp(tlp)
+    }
+  )
+}

pages/legal.typ

@@ -0,0 +1,35 @@
+#import "../aux/placeholder.typ": placeholder
+
+#let render(author) = {
+  // Reset counter
+  counter(page).update(n => n - 1)
+  
+  block(height: 1fr)
+
+  show heading: it => {
+  v(1em)
+    par(text(it.body, fill: gray))
+  }
+  text(fill: silver,
+    [
+    #heading(level: 2, outlined:false, "Report Version & Authorship")
+
+    #table(
+      columns: (15%, 15%, 35%, 35%),
+      align: left,
+      stroke: gray,
+      [*Version*], [*Date*], [*Author*], [*Changes & Comment*],
+      [#placeholder("Draft")], [#placeholder("01.01.1970")], [#placeholder(author)], [#placeholder("Some")]
+    )
+
+    #heading(level: 2, outlined:false, "Classification")
+    This report and all associated materials are strictly confidential and may be communicated and/or distributed by the Client only with written approval of the author. All report data, including findings and recommendations, may be stored encrypted in the author's secure archive post-engagement, in compliance with applicable data protection regulations.
+
+    #heading(level: 2, outlined:false, "Legal Disclaimer")
+    This report constitutes the professional findings of a penetration test conducted under the scope and terms agreed upon by the client. All results reflect the state of security vulnerabilities as assessed during the engagement using standardized methodologies and tools. The findings presented are not guarantees of security or compliance; they represent identified weaknesses which may require remediation as by the professional impression of the author.
+
+    The client is responsible for interpreting these findings within their operational context and for implementing appropriate security measures. No liability is taken for actions which are based on this report. This assessment does not constitute security certification, and its results are valid only for the scope and timeframe of the engagement. Neither the contents of this document nor the expressions of the author in any form are legal advice.
+  ])
+
+  pagebreak()
+}

pages/marks.typ

@@ -0,0 +1,36 @@
+// confidential draws a "CONFIDENTIAL" stamp, used on the cover page
+#let confidential() = {
+  rect(
+    height: 100%,
+    width: 100%,
+    stroke: (paint: red, thickness: 2pt, dash: "solid"),
+    align(center + horizon,
+      text(
+        size: 18pt,
+        weight: "semibold",
+        fill: red,
+        "CONFIDENTIAL"
+      )
+    )
+  )
+}
+
+// draft draws a "DRAFT" stamp, used on the cover page
+#let draft() = {
+  rect(
+    height: 100%,
+    width: 100%,
+    stroke: (paint: blue, thickness: 2pt, dash: "solid"),
+    align(center + horizon,
+      text(
+        size: 18pt,
+        weight: "semibold",
+        fill: blue,
+        "DRAFT"
+      )
+    )
+  )
+}
+
+// for the TLP mark, see addons/tlp.typ:mark()
+#import "../addons/tlp.typ": mark as tlp

pages/mgmtsum.typ

@@ -0,0 +1,104 @@
+#import "@preview/diagraph:0.3.6"
+
+#import "../addons/cvss.typ"
+
+#let render(target: str, targetInSentence: str, testFocus: str, testObject: str, testScenario: str, recommendation: str, start: str, end: str, setup: str, nodes: str, scope: array) = {
+  [
+    = Management Summary
+
+    == Motivation
+
+    #target ordered Acme Security, LLC to perform a #testScenario penetration test onto a selected number of hosts in a live and productive environment.
+
+    This penetration test was conducted to proactively identify, assess, and validate the severity of security vulnerabilities within the defined scope of #targetInSentence, specifically those exploitable by #testFocus. Adversarial techniques to bypass controls, gain unauthorized access, and compromise critical assets were performed for this test scenario to determine the actual impact on confidentiality, integrity, and availability.
+
+    == Test Object
+
+    #testObject
+
+    == Test Methodology
+
+    The aim of the test was to uncover vulnerabilities and weaknesses of all kinds and chaining findings and vulnerabilities accordingly to gain a deep understanding of the audited hosts, following a security-in-depth approach. The tests were carried out in accordance with the MITRE ATT&CK Framework#footnote("https://attack.mitre.org").
+
+    The penetration test was performed as a #testScenario.
+
+    == Findings
+
+    The penetration test revealed #context([
+      #let num = cvss.riskCategoryStats.values().map(v => v.final()).sum()
+      #if num == 1 {
+        [ #num finding ]
+      } else {
+        [ #num findings ]
+      }
+    ]) which can be categorized by risk:
+
+    #table(
+      columns: (16.66%, 16.66%, 16.66%, 16.66%, 16.66%, 16.66%),
+      align: center,
+      [Critical], [High], [Medium], [Low], [None], [Other],
+      table.cell(context(cvss.riskCategoryStats.Critical.final()), fill: red, align: center),
+      table.cell(context(cvss.riskCategoryStats.High.final()), fill: orange, align: center),
+      table.cell(context(cvss.riskCategoryStats.Medium.final()), fill: yellow, align: center),
+      table.cell(context(cvss.riskCategoryStats.Low.final()), fill: lime, align: center),
+      table.cell(context(cvss.riskCategoryStats.None.final()), fill: white, align: center),
+      table.cell(context(cvss.riskCategoryStats.Other.final()), fill: gray, align: center),
+    )
+
+    == Recommendations & Next Steps
+
+    #recommendation
+
+    == Test Scope and Setup
+
+    #if start != "" {
+      if end != "" {
+        [ The test was conducted from #start to #end. ]
+      } else {
+        [ The test was conducted on #start. ]
+      }
+    }
+
+    #setup
+
+    The following scope was set for the penetration test:
+
+    #table(
+      columns: (25%, 50%, 25%),
+      align: center,
+      inset: 10pt,
+      table.cell(fill: color.linear-rgb(4.5%, 14.5%, 14.5%, 100))[*Type*],
+      table.cell(fill: color.linear-rgb(4.5%, 14.5%, 14.5%, 100))[*Value*],
+      table.cell(fill: color.linear-rgb(4.5%, 14.5%, 14.5%, 100))[*State*],
+      ..for (i, value) in scope.enumerate() {
+        (
+          table.cell(value.type),
+          table.cell(value.content),
+          if value.inScope {
+            table.cell("In scope", fill: lime, align: center)
+          } else {
+            table.cell("Out of scope", fill: gray, align: center)
+          }
+        )
+      }
+    )
+
+    #if nodes != "" {
+      [ From the perspective of the machine used for the penetration test, the network layout was seen as shown in the graph below. ]
+
+      figure(
+        diagraph.render("
+          digraph G {
+            rankdir=LR;
+            node [shape=rectangle];
+
+            " + nodes + "
+          }
+        "),
+        caption: [
+          Schematic graph showing the test objective network
+        ]
+      )
+    }
+  ]
+}

pages/pages.typ

@@ -0,0 +1,5 @@
+#import "boxes.typ"
+#import "cover.typ"
+#import "legal.typ"
+#import "mgmtsum.typ"
+#import "toc.typ"

pages/toc.typ

@@ -0,0 +1,7 @@
+#let render() = {
+  outline(
+    title: "Table of contents",
+    indent: 10pt,
+    depth: 2
+  )
+}