#import "pages.typ" #import "helper.typ" // Project-specific variables #helper.panicOnPlaceholder.update(false) #let place = helper.placeholder("Düsseldorf") #let author = helper.placeholder("Martin \"maride\" Dessauer") #let targetFull = helper.placeholder("FooBar Dummy Lab") #let targetInSentence = helper.placeholder("the Dummy Lab") // --- #set text(font: "Helvetica Neue") #show heading: it => { v(1em) par(text(it.body, fill: color.linear-rgb(4.5%, 14.5%, 14.5%, 255))) } #set heading(numbering: "1.1") #set par(justify: true) // ----- Cover & Legal disclaimer(s) ----- #pages.cover(targetFull, place, author, confidential: false, // set to true for a "CONFIDENTIAL" mark on the cover tlp: "red", // set to one of "RED", "AMBER+STRICT", "AMBER", "GREEN", "CLEAR", or none. See https://www.first.org/tlp/ draft: true // set to true for a "DRAFT" mark on the cover ) #pages.legal(author) #set page( paper: "a4", background: none, margin: auto, numbering: "1", footer: text(size: 12pt, weight: "extralight")[ #text(fill: silver, [Penetration Test Report #targetFull]) #h(1fr) #context( text(fill: silver, counter(page).display("1 of 1", both: true)) ) ] ) // ----- Table of contents ----- #pages.toc() #pagebreak() // ----- Management Summary ----- #pages.managementSummary( target: targetFull, targetInSentence: targetInSentence, testFocus: helper.placeholder("external attackers in real-world scenarios"), testObject: helper.placeholder(lorem(30)), testScenario: helper.placeholder("black box test"), recommendation: helper.placeholder([Based on the results of this penetration test, #targetInSentence may be exposed to a production environment.]) ) #pagebreak() // ----- Test Scope & Setup ----- #pages.scopeAndSetup( target: targetFull, start: helper.placeholder("01.01.1970"), end: helper.placeholder("31.12.1970"), setup: helper.placeholder([Connection to #targetFull was made through a dedicated VPN connection. The inner IP address of the test device was 10.0.0.42.]), nodes: " subgraph stage1 { label=\"Connection\"; User -> Firewall [label=\"OpenVPN\"]; } subgraph targetnet1 { label=\"Target Network\"; Firewall -> Target1; Firewall -> Target2; Firewall -> Target3; Firewall -> Target4; } subgraph targetnet2 { label=\"Target Network\"; Target2 -> Target5; Target2 -> Target6; Target2 -> Target7; } subgraph targetnet3 { label=\"Target Network\"; Target4 -> Target8; } ", scope: ( ( type: "Address", content: helper.placeholder("10.23.42.1"), inScope: true ), ( type: "Address", content: helper.placeholder("10.23.42.1"), inScope: true ), ( type: "Address", content: helper.placeholder("2001:db8::2342"), inScope: true ), ( type: "Domain", content: helper.placeholder("*.maride.inv"), inScope: true ), ( type: "URL", content: helper.placeholder("secret.maride.inv/flag.txt"), inScope: false), ( type: "URL", content: helper.placeholder("important.maride.inv/rickroll"), inScope: false) ) ) #pagebreak() // ----- Findings ----- #include "findings.typ" #pagebreak() // ----- Appendix ----- = Appendix #context( [ #(( pages.boxAppendix(), pages.ciaAppendix(), if helper.hasCVSSTable.get() { pages.cvssAppendix() } ).join(pagebreak())) ] )