pwndoc v0.5.3 releases: pentest reporting application

PwnDoc

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report.
The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users.

Features

• Multiple Language support
• Multiple Data support
• Great Customization
  • Manage reusable Audit and Vulnerability Data
  • Create Custom Sections
  • Add custom fields to Vulnerabilities
• Vulnerabilities Management
• Multi-User reporting
• Docx Report Generation
• Docx Template customization

Pwndoc can manage Vulnerabilities in order to simplify redaction of an Audit. They can be added when editing an Audit as a Finding.
Each vulnerability can have multiple languages.

Create

When creating a Vulnerability, a Category must be selected (or No Category)

A Vulnerability is defined by:

• Title
• Type
• Language
• Description
• Observation
• CVSS
• Remediation
• Remediation Complexity
• Remediation Priority
• References
• Category
• (Additional fields from Category)

Changelog v0.5.3

Enhancements

• Add Dark mode theme 9564911
• Update CVSS calculation 5cb9661
  • Use First roundup function for impact and exploitability subscores
  • Add temporal colors for template
  • Add environmental colors for template
  • Add environmental impact and exploitability subscores
  • Update sorting with Environmental and Temporal scores
  • Removed cvssScore and cvssSeverity from models since now they are always calculated based on the vector string
• Update websockets to reconnect after a disconnect 0813945
  • Updated socket.io to last version
  • If server connection is lost websockets for Audit menu will reconnect automatically
• Add dynamic check for backend connection 2673749
  • If websocket disconnect then a loading message appear until it reconnects
• Remove user deletion to prevent missing references 6e3de55
  • Deleting users breaked their links to different objects like audits.
  • It’s better to use the recent disable feature to avoid orphan objects

Merged

• Added a short name to companies and included it on reports cd72648
• Create filter to sort findings in document a551379
• Add i18n fr-FR translation 260f5dc
• i18n de-DE: Adding German Interface Translation 48dad91
• Add ‘Disable user’ feature a8d6d49

Fixed

• Correctly reject promise when wrong password on profile 711dbf1
• Fix client selection issue (#242) f8e6c27

Install & Use

Copyright (c) 2020 pwndoc