{{report_name}}
{{scan_object.domain.name}}
{# generated date #} {% now "F j, Y" %}

 

Table of contents

{% if show_executive_summary %}

Executive summary


{{executive_summary_description | safe }}
{% endif %}

Quick Summary

This section contains a quick summary of the scan performed on {{scan_object.domain.name}}.


{# recon section #} {% if show_recon %}

Reconnaissance

Subdomains
{{scan_object.get_subdomain_count}}

Endpoints
{{scan_object.get_endpoint_count}}

Vulnerabilities
{{all_vulnerabilities_count}}

{% endif %} {% if show_vuln %}

Vulnerability Summary

Critical
{{scan_object.get_critical_vulnerability_count}}

High
{{scan_object.get_high_vulnerability_count}}

Medium
{{scan_object.get_medium_vulnerability_count}}

Low
{{scan_object.get_low_vulnerability_count}}

Info
{% if is_ignore_info_vuln %} 0 {% else %} {{scan_object.get_info_vulnerability_count}} {% endif %}

Unknown
{{scan_object.get_unknown_vulnerability_count}}

{% endif %}

Timeline of the Assessment

Scan started on: {{scan_object.start_scan_date|date:"F j, Y h:i"}}
Total time taken: {% if scan_object.scan_status == 0 %} {{ scan_object.start_scan_date|timesince:scan_object.stop_scan_date }} {% elif scan_object.scan_status == 1 %} {{ scan_object.get_elapsed_time }} {% elif scan_object.scan_status == 2 %} {% if scan_object.get_completed_time_in_sec < 60 %} Completed in < 1 minute {% else %} Completed in {{ scan_object.start_scan_date|timesince:scan_object.stop_scan_date }} {% endif %} {% elif scan_object.scan_status == 3 %} Aborted in {{ scan_object.start_scan_date|timesince:scan_object.stop_scan_date }} {% endif %}
Report Generated on: {% now "F j, Y" %}

{# show interesting_subdomains section only when show_recon result is there #} {% if interesting_subdomains and show_recon %}

Interesting Recon Data

Listed below are the {{interesting_subdomains.count}} interesting subdomains identified on {{scan_object.domain.name}}

#
Subdomain
Page title
HTTP Status
{% for subdomain in interesting_subdomains %}
{{ forloop.counter }}
{{subdomain.name}}
{% if subdomain.page_title %} {{subdomain.page_title}} {% else %}     {% endif %}
{% if subdomain.http_status %} {{subdomain.http_status}} {% else %}     {% endif %}
{% endfor %}
{% endif %} {# vulnerability_summary only when vuln_report #} {% if show_vuln %}

Summary of Vulnerabilities Identified

{% if all_vulnerabilities.count > 0 %}

Listed below are the vulnerabilities identified on {{scan_object.domain.name}}

#
Vulnerability Name
Times Identified
Severity
{% for vulnerability in unique_vulnerabilities %}
{{ forloop.counter }}
{{vulnerability.name}}
{{vulnerability.count}}
{% if vulnerability.severity == -1 %}
Unknown {% elif vulnerability.severity == 0 %}
Informational {% elif vulnerability.severity == 1 %}
Low {% elif vulnerability.severity == 2 %}
Medium {% elif vulnerability.severity == 3 %}
High {% elif vulnerability.severity == 4 %}
Critical {% endif %}
{% endfor %} {% else %}

No vulnerabilities were discovered.

{% endif %}
{% endif %} {# show discovered assets only for show_recon report #} {% if show_recon %}

Discovered Assets

Subdomains

During the reconnaissance phase, {{scan_object.get_subdomain_count}} subdomains were discovered. Out of {{scan_object.get_subdomain_count}} subdomains, {{subdomain_alive_count}} returned HTTP status 200. {{interesting_subdomains.count}} interesting subdomains were also identified based on the interesting keywords used.

{{scan_object.get_subdomain_count}} subdomains identified on {{scan_object.domain.name}}

Subdomain
Page title
HTTP Status
{% for subdomain in subdomains %}
{{subdomain.name}}
{% if subdomain.page_title %} {{subdomain.page_title}} {% endif %}
{{subdomain.http_status}}
{% endfor %}
{% if ip_addresses.count %}

IP Addresses

{{ip_addresses.count}} IP Addresses were identified on {{scan_object.domain.name}}

IP
Open Ports
Remarks
{% for ip in ip_addresses %}
{{ip.address}}
{% for port in ip.ports.all %} {{port.number}}/{{port.service_name}}{% if not forloop.last %},{% endif %} {% endfor %}
{% if ip.is_cdn %}
CDN IP Address {% else %}
{% endif %}
{% endfor %}
{% endif %}

{% endif %} {# reconnaissance finding only when show_recon #} {% if show_recon %}

Reconnaissance Findings

{% for subdomain in subdomains %}
{{ forloop.counter }}. {{subdomain.name}} {% if subdomain.http_status == 0 %}N/A{% else %}{{subdomain.http_status}}{% endif %}
{% if subdomain.page_title %}Page Title: {{subdomain.page_title}}{% endif %}
{% if subdomain.ip_addresses.all %}IP Address:
{% for ip in subdomain.ip_addresses.all %}
  • {{ip.address}} {% if ip.ports.all %}
    • Open Ports: {% for port in ip.ports.all %} {{port.number}}/{{port.service_name}}{% if not forloop.last %},{% endif %} {% endfor %}
  {% endif %}
{% endfor %}
{% endif %}
{% if subdomain.get_vulnerabilities_without_info %}Vulnerabilities {% regroup subdomain.get_vulnerabilities_without_info by name as vuln_list %}
{% endif %}
{% endfor %}
{% endif %} {% if all_vulnerabilities.count > 0 and show_vuln %}

Vulnerabilities Discovered

This section reports the security issues found during the audit.
A total of {{scan_object.get_vulnerability_count}} vulnerabilities were discovered in {{scan_object.domain.name}}. {{scan_object.get_critical_vulnerability_count}} of them were Critical, {{scan_object.get_high_vulnerability_count}} of them were High severity, {{scan_object.get_medium_vulnerability_count}} of them were Medium severity, {{scan_object.get_low_vulnerability_count}} of them were Low severity, and {% if is_ignore_info_vuln %}0{% else %}{{scan_object.get_info_vulnerability_count}}{% endif %} of them were Informational. {{scan_object.get_unknown_vulnerability_count}} of them were Unknown severity.

Vulnerability Breakdown by Severity

Critical
{{scan_object.get_critical_vulnerability_count}}

High
{{scan_object.get_high_vulnerability_count}}

Medium
{{scan_object.get_medium_vulnerability_count}}

Low
{{scan_object.get_low_vulnerability_count}}

Info
{% if is_ignore_info_vuln %} 0 {% else %} {{scan_object.get_info_vulnerability_count}} {% endif %}

Unknown
{{scan_object.get_unknown_vulnerability_count}}

{# start vulnerability #} {% if show_vuln %}
{% regroup all_vulnerabilities by get_path as grouped_vulnerabilities %} {% for vulnerabilities in grouped_vulnerabilities %} {% for vulnerability in vulnerabilities.list %}

{{vulnerability.name}} {% if vulnerabilities.grouper %}
in {{vulnerabilities.grouper}} {% endif %}
{% if vulnerability.severity == -1 %} Unknown
{% elif vulnerability.severity == 0 %} INFO
{% elif vulnerability.severity == 1 %} LOW
{% elif vulnerability.severity == 2 %} MEDIUM
{% elif vulnerability.severity == 3 %} HIGH
{% elif vulnerability.severity == 4 %} CRITICAL
{% endif %}

Vulnerability Source: {{vulnerability.source|upper}}
{% if vulnerability.cvss_metrics or vulnerability.cvss_score or vulnerability.cve_ids.all or vulnerability.cwe_ids.all %} Vulnerability Classification
{% if vulnerability.cvss_metrics %} CVSS Metrics: {{vulnerability.cvss_metrics}} {% endif %} {% if vulnerability.cvss_score %}
CVSS Score: {{vulnerability.cvss_score}} {% endif %} {% if vulnerability.cve_ids.all %}
CVE IDs
    {% for cve in vulnerability.cve_ids.all %} {{cve}}{% if not forloop.last %}, {% endif %} {% endfor %} {% endif %} {% if vulnerability.cwe_ids.all %}
CWE IDs
    {% for cwe in vulnerability.cwe_ids.all %} {{cwe}}{% if not forloop.last %}, {% endif %} {% endfor %} {% endif %}
{% endif %} {% if vulnerability.description %}
Description
{{vulnerability.description|linebreaks}} {% endif %} {% if vulnerability.impact %}
Impact
{{vulnerability.impact|linebreaks}} {% endif %} {% if vulnerability.remediation %}
Remediation
{{vulnerability.remediation|linebreaks}} {% endif %}
Vulnerable URL(s)
{% if vulnerability.references.all %} References
{% endif %}

{% endfor %} {% endfor %}
{% endif %} {% endif %}

END OF REPORT