Hack for Show, Report for Dough presented at BSidesColumbus 2020

by Brian (bb) King,

Summary : The fun part of pentesting is the hacking. But the part that makes it a viable career is the report. You can develop the most amazing exploit for the most surprising vulnerability, but if you can't document it clearly for the people who need to fix it, then you're just having fun. Which is fine! But if you want to get hired again, your reports need to be as clear and useful as your hacks are awesome.You will learn some fundamental things to keep in mind as you write your reports. You'll see a bad report made good, with clear explanations of what makes the difference. You'll come away with some tricks and techniques to help you focus on the test while still producing a quality report.