search

cisagov / tpt-reports

Process to build and distribute Technical Phishing Test (TPT) reports
Creative Commons Zero v1.0 Universal
4 stars 0 forks source link

Change Logic Behind # of Payloads Executed #65

Closed jthough9 closed 10 months ago

jthough9 commented 10 months ago

🐛 Summary

When a report is generated, the value attached to "payloads executed and connected to the CISA team's command-and-control C2 server (Not Blocked)." counts both border protection and host protection Not Blocked's, when it should only count the host protection Not Blocked's.

To reproduce

Steps to reproduce the behavior:

  1. Generate a test report
  2. Scroll to the section "Phishing Controls Assessment"
  3. Locate value associated with total payloads executed and compare with all Not Blocked's in the Host Protection Column of the chart below

Expected behavior

What did you expect to happen that didn't?

We expected the total payloads executed value to match the total number of Not Blocked's in the Host Protection Column of the payloads.

Any helpful log output or screenshots

Paste the results here:

Contact PCA Analysts for more information

Add any screenshots of the problem here.

jennythompson8675309 commented 10 months ago

Also in this paragraph, can we change "complicit user's inbox (in spam)" to "complicit user's mailbox" ? I don't think that "in spam" bit is dynamically generated from the JSON, and as such, this sentence likely won't be true for all users.