pwndoc v0.5.3 releases: pentest reporting application

PwnDoc

PwnDoc is a pentest reporting application that makes it simple to write up your findings and generate a customizable Docx report.
The main goal is to have more time to Pwn and less time to Doc by sharing data such as vulnerabilities between users.

Features

  • Multiple Language support
  • Multiple Data support
  • Great Customization
    • Manage reusable Audit and Vulnerability Data
    • Create Custom Sections
    • Add custom fields to Vulnerabilities
  • Vulnerabilities Management
  • Multi-User reporting
  • Docx Report Generation
  • Docx Template customization

PwnDoc can manage Vulnerabilities in order to simplify the writing of an Audit. They can be added as a Finding when editing an Audit.
Each vulnerability can have multiple languages.

Create

When creating a Vulnerability, a Category must be selected (or No Category).

A Vulnerability is defined by:

  • Title
  • Type
  • Language
  • Description
  • Observation
  • CVSS
  • Remediation
  • Remediation Complexity
  • Remediation Priority
  • References
  • Category
  • (Additional fields from Category)

Changelog v0.5.3

Enhancements

  • Add Dark mode theme 9564911
  • Update CVSS calculation 5cb9661
    • Use the FIRST Roundup function for impact and exploitability subscores
    • Add temporal colors for template
    • Add environmental colors for template
    • Add environmental impact and exploitability subscores
    • Update sorting with Environmental and Temporal scores
    • Removed cvssScore and cvssSeverity from models since now they are always calculated based on the vector string
  • Update websockets to reconnect after a disconnect 0813945
    • Updated socket.io to the latest version
    • If the server connection is lost, websockets for the Audit menu will reconnect automatically
  • Add dynamic check for backend connection 2673749
    • If the websocket disconnects, a loading message appears until it reconnects
  • Remove user deletion to prevent missing references 6e3de55
    • Deleting users broke their links to other objects such as audits.
    • It's better to use the recent disable feature to avoid orphan objects

Merged

  • Added a short name to companies and included it on reports cd72648
  • Create filter to sort findings in document a551379
  • Add i18n fr-FR translation 260f5dc
  • i18n de-DE: Adding German Interface Translation 48dad91
  • Add ‘Disable user’ feature a8d6d49

Fixed

  • Correctly reject promise when wrong password on profile 711dbf1
  • Fix client selection issue (#242) f8e6c27

Copyright (c) 2020 pwndoc