Week 8: The Report

Path: Ethical Hacking | Module: 8 of 8

The Most Important Deliverable

If you hack the entire bank but write a bad report, you did a bad job. The client is paying for the report, not the shell.

1. Executive Summary

Written for the CEO who doesn't know what an IP address is. Focus on Business Risk.

  • "We gained full control of the billing system."
  • "Customer data was at risk of theft."
  • "Risk Rating: High."

2. Technical Findings

Written for the IT team to fix the bugs. Must be reproducible.

  • Finding Name: Unpatched vsftpd service.
  • Severity: Critical (CVSS 10.0).
  • Affected System: 192.168.1.55.
  • Proof of Concept: Screenshot of the shell.

3. Remediation

Tell them how to fix it.

  • "Update vsftpd to version 3.0.3 or higher."
  • "Disable the service if not needed."

🔬 Final Assessment

Objective: Prove your worth.

Take the findings from the previous labs (the vsftpd backdoor, the SQL injection) and write a mock 1-page report. Use professional language. Pretend you are charging $10,000 for this PDF.

← Previous Week Complete Course