Reports

Engagement overview
Scope definition
Key statistics
- Targets discovered
- Vulnerabilities identified
- Credentials captured
- Systems compromised
Finding severity breakdown (chart)
Critical findings highlight
Risk assessment
High-level recommendations

Methodology

Engagement approach
Testing methodology
Tools and techniques
Scope and limitations
Timeline overview
Kill chain progression

Findings

For each finding:

Title
Severity rating
CVSS score (if applicable)
Affected systems
Description
Impact analysis
Steps to reproduce
Evidence (screenshots, output)
Remediation recommendations
References (CVE, vendor docs)

Organized by:

Severity (Critical → Informational)
Or by category (Web, Network, System, etc.)

Network Topology

Network diagram showing:
- Discovered infrastructure
- Compromised systems
- Lateral movement paths
- Attack progression

MITRE ATT&CK Analysis

Techniques observed
Tactic coverage
Technique frequency
ATT&CK matrix visualization

Remediation Roadmap

Prioritized remediation plan
Quick wins (easy, high-impact fixes)
Long-term improvements
Defense-in-depth recommendations

Appendices

Complete evidence catalog
Full command outputs
Tool outputs
Vulnerability details
Glossary of terms

Report Templates

Creating Templates

Navigate to Reporting → Reports
Go to Templates tab
Click Create Template
Configure template settings:
- Template name
- Default sections
- Formatting preferences
- Header/footer content
- Branding (logo, colors)

Template Components

Header:

Company logo
Report title
Classification marking
Page numbers

Footer:

Copyright notice
Confidentiality statement
Contact information
Page numbers

Styling:

Font families
Color scheme
Heading styles
Code block formatting

Sections:

Which sections to include by default
Section ordering
Custom sections

Applying Templates

When generating report:

Select template from dropdown
Template applies:
- Formatting
- Branding
- Default sections
- Styling
Override options if needed
Generate report

Report Customization

Custom Sections

Add engagement-specific sections:

Common additions:

Client-specific context
Special testing scenarios
Engagement challenges
Lessons learned
Future testing recommendations

Branding

Customize report appearance:

Add company logo
Apply color scheme
Custom fonts
Watermarks
Classification banners

Formatting

Adjust formatting:

Page size (A4, Letter)
Margins
Line spacing
Code block styles
Screenshot sizing

Report Review

Pre-Generation Checklist

Before generating final report:

Findings review:
- [ ] All findings have clear titles
- [ ] Severity ratings are consistent
- [ ] Evidence is attached
- [ ] Remediation is actionable
- [ ] Steps to reproduce are complete
Evidence review:
- [ ] All evidence is linked
- [ ] Screenshots are clear and readable
- [ ] Sensitive data is redacted
- [ ] Evidence descriptions are clear
Content review:
- [ ] Scope is accurately documented
- [ ] Timeline is complete
- [ ] Kill chain shows progression
- [ ] Network topology is accurate
- [ ] MITRE mapping is complete
Quality review:
- [ ] Grammar and spelling checked
- [ ] Technical accuracy verified
- [ ] Consistent terminology
- [ ] Appropriate audience level

Peer Review

Have another team member review:

Technical accuracy
Finding severity ratings
Remediation recommendations
Report clarity and completeness
Professional presentation

Client Review (Optional)

For preliminary reports:

Share draft with client
Gather feedback
Address questions
Clarify findings
Adjust recommendations

Report Delivery

PDF Generation

Generate final PDF:

Review all content
Select final template
Generate PDF

Save with clear filename:

ClientName_RedTeam_Report_YYYY-MM-DD_v1.0.pdf

Encryption

For sensitive reports:

Encrypt PDF with password
Use strong password
Share password via separate channel
Document encryption method

Delivery Methods

Secure file transfer:

Encrypted email
Secure file sharing platform
Client portal upload
In-person delivery

Versioning:

v0.1 - Draft for internal review
v0.5 - Draft for client review
v1.0 - Final approved report
v1.1 - Addendum after client questions

Report Sections Detail

Executive Summary Guidelines

Length: 1-2 pages

Language: Non-technical, business-focused

Content:

What was tested
What was found
Why it matters
What to do about it

Avoid:

Technical jargon
Detailed exploitation steps
Tool names
Command syntax

Example structure:

[Client] engaged [Company] to perform a red team assessment
from [Start Date] to [End Date].

The assessment identified [X] critical and [Y] high-severity
findings that could allow unauthorized access to sensitive data
and systems.

Key findings include:
1. [Critical Finding 1]
2. [Critical Finding 2]
3. [High Finding 1]

Immediate action is recommended to address critical findings.

Technical Findings Guidelines

Title: Clear, specific vulnerability name

Severity: Justified rating based on impact and exploitability

Description:

What the vulnerability is
Where it exists
How it was discovered

Impact:

What attacker could achieve
Business impact
Data at risk

Evidence:

Screenshots showing vulnerability
Command output
Proof of exploitation

Remediation:

Specific, actionable steps
Priority level
Estimated effort
References to best practices

Network Topology Guidelines

Include:

All discovered systems
Network boundaries
Compromised systems (highlighted)
Lateral movement paths
Initial access point
Final position

Use color coding:

Green: Scanned but not compromised
Yellow: Compromised with user privileges
Red: Compromised with admin privileges
Gray: Out of scope

MITRE ATT&CK Guidelines

Include:

Complete ATT&CK matrix with observed techniques
Technique descriptions
How each technique was used
Affected systems
Detection opportunities

Best Practices

Writing Style

Clear and concise: Get to the point
Audience-appropriate: Technical for tech teams, business language for executives
Objective: Present facts, not opinions
Professional: Formal tone throughout
Consistent: Use same terms and formats throughout