#import "addons/addons.typ" #import "pages/pages.typ" #import "aux/placeholder.typ": placeholder, rawPlaceholder, panicOnPlaceholder // Project-specific variables #panicOnPlaceholder.update(false) #let place = placeholder("New York") #let author = placeholder("Dade Murphy") #let targetFull = placeholder("Ellingson Mineral Corporation") #let targetInSentence = placeholder("Ellingston Mineral") #let reportType = placeholder("Penetration Test Report") #let creationDate = rawPlaceholder(datetime.today()) // Document setup #set document( title: [#reportType #targetFull], author: if type(author) == str { author } else { () }, date: creationDate ) // Page & styling setup #set text(font: "Helvetica Neue") #show heading: it => { v(1em) par(text(it.body, fill: color.linear-rgb(4.5%, 14.5%, 14.5%, 255))) } #set heading(numbering: "1.1") #set par(justify: true) #set page( paper: "a4", background: none, margin: auto, numbering: "1", footer: context(if here().page() > 2 { text(size: 12pt, weight: "extralight")[ #text(fill: silver, [#reportType #targetFull]) #h(1fr) #context( text(fill: silver, counter(page).display("1 of 1", both: true)) ) ] } ) ) #set super(size: 6pt) // ----- Cover & Legal disclaimer(s) ----- #pages.cover.render(targetFull, place, author, creationDate, reportType, confidential: rawPlaceholder(false), // set to true for a "CONFIDENTIAL" mark on the cover tlp: rawPlaceholder("amber+strict"), // set to one of "RED", "AMBER+STRICT", "AMBER", "GREEN", "CLEAR", or none. See https://www.first.org/tlp/ draft: rawPlaceholder(true) // set to true for a "DRAFT" mark on the cover ) #pages.legal.render(author, ( (version: placeholder("Draft"), date: placeholder("01.01.1970"), author: author, changes: placeholder("Some")), ), ) // ----- Table of contents ----- #pages.toc.render() #pagebreak() // ----- Management Summary ----- #pages.mgmtsum.render( target: targetFull, targetInSentence: targetInSentence, testFocus: placeholder("external attackers in real-world scenarios"), testObject: placeholder(lorem(30)), testScenario: placeholder("black box test"), recommendation: placeholder([Based on the results of this penetration test, #targetInSentence may be exposed to a production environment.]), start: placeholder("01.01.1970"), end: placeholder("31.12.1970"), setup: placeholder([Connection to #targetFull was made through a dedicated VPN connection. The inner IP address of the test device was 10.0.0.42.]), nodes: rawPlaceholder(``` digraph G { rankdir=LR; node [shape=rectangle]; color="#3C6A6A"; subgraph cluster_conn { label="Connection" User -> Firewall [label="OpenVPN"] } subgraph cluster_targetnet1 { label="DMZ"; Firewall -> Target1 Firewall -> Target2 Firewall -> Target3 Firewall -> Target4 } subgraph cluster_targetnet2 { label="Mgmt LAN" Target2 -> Target5 Target2 -> Target6 Target2 -> Target7 } subgraph cluster_targetnet3 { label="IoT Devices" Target4 -> Target8 } } ```), scope: ( ( type: "Address", content: placeholder("10.23.42.1"), inScope: true ), ( type: "Address", content: placeholder("2001:db8::2342"), inScope: true ), ( type: "Domain", content: placeholder("*.ellingson-mineral.co"), inScope: true ), ( type: "URL", content: placeholder("secret.ellingson-mineral.co/flag.txt"), inScope: false), ( type: "URL", content: placeholder("important.ellingson-mineral.co/rickroll"), inScope: false) ) ) #pagebreak() // ----- Findings ----- #include "findings.typ" #pagebreak() // ----- Appendix ----- = Appendix #context( [ #(( pages.boxes.render(), if addons.cia.isUsed.get() { addons.cia.appendix() }, if addons.cvss.isUsed.get() { addons.cvss.appendix() }, if addons.tlp.isUsed.get() { addons.tlp.appendix() } ).join(pagebreak())) ] )