From a7e3fdb18e183b598c8488fa7065c682418b3d99 Mon Sep 17 00:00:00 2001 From: Meitar M Date: Thu, 6 Sep 2018 13:44:59 -0400 Subject: [PATCH 1/2] Fix the Pentesting Report Template. This commit removes items from the Pentesting Report Template section that are either not templates or have been removed from the source. Further, line items are updated to use meaningful descriptions and to follow the Awesome List style guides (capitalization and punctuation). --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7aa953b..3ae30cf 100644 --- a/README.md +++ b/README.md @@ -475,11 +475,8 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea ### Penetration Testing Report Templates * [Public Pentesting Reports](https://github.com/juliocesarfort/public-pentesting-reports) - Curated list of public penetration test reports released by several consulting firms and academic security groups. -* [Pentesting Report Template](https://www.testandverification.com/wp-content/uploads/template-penetration-testing-report-v03.pdf) - testandverification.com template. -* [Pentesting Report Template](https://www.hitachi-systems-security.com/wp-content/uploads/Above-Security-Technical-Security-Audit-Demo-Report_En_FINAL.pdf) - hitachi-systems-security.com template. -* [Pentesting Report Template](http://lucideus.com/pdf/stw.pdf) - lucideus.com template. -* [Pentesting Report Template](https://www.crest-approved.org/wp-content/uploads/CREST-Penetration-Testing-Guide.pdf) - crest-approved.org templage. -* [Pentesting Report Template](https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf) - pcisecuritystandards.org template. +* [T&VS Pentesting Report Template](https://www.testandverification.com/wp-content/uploads/template-penetration-testing-report-v03.pdf) - Pentest report template provided by Test and Verification Services, Ltd. +* [Web Application Security Assessment Report Template](http://lucideus.com/pdf/stw.pdf) - Sample Web application security assessment reporting template provided by Lucideus. ## Books From f5d3b0ff04f683827f3dfefc0786f7f2396df85a Mon Sep 17 00:00:00 2001 From: Meitar M Date: Thu, 6 Sep 2018 13:47:24 -0400 Subject: [PATCH 2/2] Fix the Docker for Penetration Testing section: punctuation, etc. --- README.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 3ae30cf..fa70c64 100644 --- a/README.md +++ b/README.md @@ -126,22 +126,22 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea ### Docker for Penetration Testing -* `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) -* `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy) -* `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) -* `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/) -* `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/) -* `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) -* `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) -* `docker pull vulnerables/cve-2017-7494` - [Vulnerability as a service: SambaCry](https://hub.docker.com/r/vulnerables/cve-2017-7494/) -* `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) -* `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) -* `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) -* `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) -* `docker-compose build && docker-compose up` - [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker) -* `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) -* `docker pull bkimminich/juice-shop` - [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--) -* `docker pull phocean/msf` - [docker-metasploit](https://hub.docker.com/r/phocean/msf/) +* `docker pull kalilinux/kali-linux-docker` - [Official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/). +* `docker pull owasp/zap2docker-stable` - [Official OWASP ZAP](https://github.com/zaproxy/zaproxy). +* `docker pull wpscanteam/wpscan` - [Official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/). +* `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/). +* `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/). +* `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/). +* `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/). +* `docker pull vulnerables/cve-2017-7494` - [Vulnerability as a service: SambaCry](https://hub.docker.com/r/vulnerables/cve-2017-7494/). +* `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/). +* `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/). +* `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/). +* `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/). +* `docker-compose build && docker-compose up` - [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker). +* `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/). +* `docker pull bkimminich/juice-shop` - [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--). +* `docker pull phocean/msf` - [docker-metasploit](https://hub.docker.com/r/phocean/msf/). ### Multi-paradigm Frameworks