Documentation & Reporting

Table of Contents


  • [How I read a research paper](


Start with the first two links, and go from there. They’re both great resources to writing technical documentation, the first being a beginners guide and the second being a general guide that beginners can understand.

Other Materials:

Writing Reports


Penetration Testing Collaboration/Documenation Tools

  • Kvasir
    • Kvasir is a vulnerability / penetration testing data management system designed to help mitigate the issues found when performing team-based assessments. Kvasir does this by homogenizing data sources into a pre-defined structure.
  • Dradis
    • Dradis is an open source collaboration framework, tailored to InfoSec teams.
    • It can integrate with a lot of existing tools you probably are using if you're reading this.
  • Faraday
    • Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Lair
    • Lair is a reactive attack collaboration framework and web application built with meteor.
  • CrScreenshotDxe
    • UEFI DXE driver to take screenshots from GOP-compatible graphic console
  • DART
    • DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
  • Serpico
    • Serpico is a penetration testing report generation and collaboration tool. It was developed to cut down on the amount of time it takes to write a penetration testing report.

Video Recording/Recording

  • Open Broadcaster Software OBS
    • Open Broadcaster Software is free and open source software for video recording and live streaming.
    • Cross Platform, Windows/OsX/Linux
  • Cryptoshot
    • This application will make a screenshot of the desktop. If the desktop consists of multiple monitors, it should still work fine. However it has only been tested with a dual monitor setup. The windows project has the added functionality of sending the screenshot to a server of your choosing.
  • Record terminal sessions and have the ability to replay it