Reports
Each of the Rapid Penetration Tests provides rich reports that can be used to consolidate, view and distribute your test findings as well as to plan ongoing prevention and remediation efforts. Reporting options are similar for each RPT and several reports are available for multiple RPTs.
- Types of Reports
- List of Available Reports
- Running Crystal Reports
- Running Spreadsheet Reports
- Creating User Spreadsheet Reports
- Running Reports from the Dashboard
For any report that consolidates data from more than one workspace, data summaries treat repeated IP addresses and repeated email addresses differently. For example, if the same IP address is discovered in 3 different workspaces, the report's Summary of Discovered Hosts will show a count of 3 hosts. In contrast, if the same email address is reported in 3 different workspaces, the report's Summary of Targeted Users will show a count of 1 email address.
Types of Reports
- Crystal Report: This option uses SAP Crystal Reports as the engine to generate report data. Jump to Running Crystal Reports. Some reports are available only as Crystal Reports.
- Spreadsheet: Some Core Impact reports use Excel as the reporting engine. Check only the Spreadsheet checkbox to see which reports qualify. Jump to Running Spreadsheet Reports.
- User Spreadsheet: Any report that is available as a Spreadsheet report can be modified and customized to suit your specific business requirements. Once a report has been customized, it will be listed in the User Spreadsheet category. Jump to Creating User Spreadsheet Reports.
List of Available Reports
Available in the Network and Client Side RPTs, this is a detailed report about the hosts you tested using Core Impact, grouped by host IP address unless otherwise configured. Reported data includes:
- Number of compromised hosts
- Services and applications found on each host
- Average number of exploited vulnerabilities on those hosts
- The CVE names of the vulnerabilities found on each compromised host
- If available, a screenshot from the compromised host
This report is closely linked to the Vulnerability report (see below). (For Network RPT and Client Side RPT only)
Customization options:
- Host Selection: You can select specific hosts on which to run the report, or report on all known hosts.
- Include host list grouped by services: Select this option to have the host data grouped by the services they were running.
- Include host list grouped by ports: Select this option to have the host data grouped by
- Include application list for each host: Select this option to include detected applications for each host in the report.
- Include closed ports for each host: Select this option to include detected closed ports for each host in the report.
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the General category, this report presents a summary of the penetration test conducted by Core Impact.
This report provides details about discovered identities harvested by brute force or post-exploitation actions. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
- Show hashes and passwords: Select either Yes or No.
This report details the exposures that were found during the Information Gathering stage of the RPT. Exposures are pieces of information that, while not vulnerabilities themselves, might help an attacker conduct information gathering activities. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
This report provides detailed information about hosts found and all vulnerabilities found that were successfully exploited. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
- Show hashes and passwords: Select either Yes or No.
This report provides detailed information about the vulnerabilities found, organized as a checklist to serve as a reference document for issues that need to be addressed. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Network RPT, this is a report containing validation information for vulnerabilities imported from external vulnerability scanners. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Network RPT, this is a report containing validation and severity information for vulnerabilities imported from external vulnerability scanners.
Customization options:
- Host Selection: You can select specific hosts on which to run the report, or report on all known hosts.
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the Network RPT, this report compares the Workspace's original results with those after remediation efforts have been performed.
Available in the Network RPT, this report provides detailed information about the video cameras found during the testing carried out by Core Impact and the risks and weaknesses associated with them.
When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Network, Client Side and WebApps RPTs, this is a detailed report about the vulnerabilities that were successfully exploited on each host (versus potential vulnerabilities). This report provides details for each of the exploited vulnerabilities listed for compromised hosts in the Host Report. Data includes Common Vulnerabilities and Exposures (CVE) as well as Common Vulnerability Scoring System (CVSS) details.
When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Network RPT, this report indicates the amount of testing that was performed and shows which tests resulted in a vulnerability being found on the selected targets. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Client Side RPT, this is a detailed report of Client Side Penetration Tests including:
- Summary of client side attack types
- Email messages sent to deliver attacks or lure users to a malicious web site
- Exploits used in client side attacks
Customization options:
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the Client Side RPT, this is a detailed report of Client Side Phishing test results, including:
- Summary data of client side targets
- Percentage of targets who viewed the attack email
- Percentage of targets who visited the Phishing web site
- Percentage of targets who entered data into the Phishing web site
Customization options:
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the Client Side RPT, this is a detailed report about all the users that were discovered and targeted as a part of the penetration test.
Customization options:
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the Network RPT, this is a report showing all modules run for each detected host.
Customization options:
- Host Selection: You can select specific hosts on which to run the report, or report on all known hosts.
- Black and white charts: Select this option to have charts created in black and white instead of in color.
Available in the Network and Client Side RPTs, this is a report that shows a summary and detailed information of vulnerabilities exploited by Core Impact. This report is designed to comply with standards and requirements of the U.S. Government Federal Information Security Management Act (FISMA) and can help you achieve NIST SP 800-53A compliance.
Customization options:
- Black and white charts: Select this option to have charts created in black and white instead of in color.
- Show additional information for vulnerabilities: Select this option to include more details about vulnerabilities included in the report.
- Include identities: Select this option to include identities in the report output.
- Obfuscate plain text password: If including identities, check this option to mask any passwords.
- Group validated identities by: If including identities, identities will be grouped by Host or by Service.
Available in the Network, Client Side and WebApps RPTs, the Delta Report will show a side-by-side comparison of test statistics for any 2 workspaces.
Customization options:
- Select 2 workspaces to compare.
A Trend report is a summary report which shows graphically the changes across 2 or more workspaces. This report is only available when Running Reports from the Dashboard.
Customization options:
- Timeline to be used in the report: Select the scale of the report as daily, weekly, monthly, quarterly, or yearly.
- Select attack categories to be included in the report: Select from Network, Client Side, and Web.
- Black and white charts: Select this option to have charts created in black and white instead of in color.
- Show numbers in charts: Select this option to have numbers visible on output chart.
Available in the Network, Client Side and WebApps RPTs, this is a summary report of all completed penetration test activities and their results. Reported data includes:
- Summary of exploited vulnerabilities
- Summary of discovered hosts and network devices
- Summary of targeted users
- Most exploited vulnerabilities (overall and by operating system)
Customization options:
- Black and white charts: Select this option to have charts created in black and white instead of in color.
The Network Executive Report is available as a Spreadsheet Report.
Available in the Network, Client Side and WebApps RPTs, this is a detailed report of all modules executed in Core Impact, grouped by date/time run and module.
Customization options:
- Log detail level: Select from Low, Medium or High.
- Include only parent level tasks: Select this option to prevent the report from showing details on sub-modules.
Available in the Network RPT, this report shows detail on all known wireless relationships that have been found while Testing a Wireless Environment. When executing the report, you have the following options:
- Report format: Select either XLSX or PDF.
Available in the Network RPT, this report provides a summary of information about attacks while Testing a Wireless Environment using a Fake Access Point.
Available in the Network RPT, this report shows data about results of Man In The Middle (MiTM) attacks.
Available in the WebApps RPT, this report summarizes the most relevant information obtained during the penetration test. This report includes information about discovered hosts, compromised vulnerabilities and executed tasks.
Customization options:
- Select how to show the exploited assets: Select from Do not include, Most Exploited Web pages, List All Exploited Assets.
Available in the Client Side RPT, this report presents the results from the search of documents and any metadata within the discovered documents during Client Side Information Gathering. This report includes information about discovered hosts, compromised vulnerabilities and executed tasks.
Customization options:
- Show Sensitive Data: Check this option to include sensitive data in the report.
Available in the WebApps RPT, this report provides a comparison between the original data and the remediated results.
Available in the WebApps RPT, this report provides detailed information about all vulnerabilities that were successfully exploited during the penetration test.