PeTeReport

PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writting and generation of reports.

Focused in product security, the tool help security researchers and pentesters to provide detailed findings, appendix, attack paths and manage a finding template database to avoid wasting time spent in the reporting phase.

PeTeReport (PenTest Report) is written in Django and Python 3 with the aim to help pentesters and security researchers to manage a finding repository, write reports (in Markdown) and generate reports in different formats (HTML, CSV, PDF, Jupyter and Markdown).

Pentesting content management and reporting tool

Documentation

Documentation

Installation and deployment

Features

• [x] Customizable reports output
• [x] Customizable reports templates thanks to Eisvogel
• [x] Findings template database
• [x] Possibility to add appendix to findings
• [x] Possibility to add Attack Flow to findings. This project is created and maintained by the MITRE Engenuity Center for Threat-Informed Defense
• [x] HTML Output format
• [x] CSV Output format
• [x] PDF Output format
• [x] Jupyter Notebook Output format
• [x] Markdown Output format
• [x] CVSS 4 Score
• [x] Docker installation
• [x] DefectDojo integration
• [x] User management
• [x] Custom fields
• [x] CWE custom list
• [x] Multilingual UI Lang files

TODO

• [ ] More Output formats
• [ ] API
• [ ] Multilingual Report templates

Demo

Demo admin/P3t3r3p0rt

Sample Reports

• PDF Sample
• HTML Sample
• MD Sample
• CSV Sample
• Jupyter Sample