In the payload table, please change Host Protection to "N/A" (in grey) for payloads that have "Attached" in the payload description.
Motivation and context
During testing, the RPT operator walks the client through downloading 30+ payloads from a webpage and attempting to execute those payloads. Some subset of those same payloads are then sent via email as attachments to test the email firewall. As the user already attempted execution of these same payloads in the first half of the assessment, the RPT operator does not ask them to attempt execution again. As such, the payload is not tested against host-based IDS when it is sent as an attachment.
Listing these attached payloads as "N/A" for "Host Protection" would prevent confusion on the part of the recipient and also prevent them from being double counted in the summary paragraph.
Implementation notes
I manually made the change in the most recent TPT Report, so you can refer to that in the sharepoint to see what what I mean.
💡 Summary
In the payload table, please change Host Protection to "N/A" (in grey) for payloads that have "Attached" in the payload description.
Motivation and context
During testing, the RPT operator walks the client through downloading 30+ payloads from a webpage and attempting to execute those payloads. Some subset of those same payloads are then sent via email as attachments to test the email firewall. As the user already attempted execution of these same payloads in the first half of the assessment, the RPT operator does not ask them to attempt execution again. As such, the payload is not tested against host-based IDS when it is sent as an attachment.
Listing these attached payloads as "N/A" for "Host Protection" would prevent confusion on the part of the recipient and also prevent them from being double counted in the summary paragraph.
Implementation notes
I manually made the change in the most recent TPT Report, so you can refer to that in the sharepoint to see what what I mean.