Skip to content

Latest commit

 

History

History
66 lines (45 loc) · 2.89 KB

README.md

File metadata and controls

66 lines (45 loc) · 2.89 KB

Cherrypy-report

Create a PDF from your pentesting cherrytree notes (with the OSCP exam in mind). You can check out the reports that were generated from the included cherrytree templates in the 'examples' directory.

Status

I'm currently testing and refactoring code as well as creating a proper README. I do not advise you to use the script for your exam just yet. I made this repository public for testing purposes.

Requirements

  • docker
  • python3

Installation

Clone the project and install the required python(3) modules:

I recommend creating a virtual environment:

git clone https://github.com/gpalo/cherrypy-report.git && cd cherrypy-report
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

Or install globally if you really want...

git clone https://github.com/gpalo/cherrypy-report.git && cd cherrypy-report
pip install -r requirements.txt

Running the examples

You can run the examples with the following command:

extensive template:

./cherrypy_autoreport.py cherrytree-templates/example-cherrytree.ctb

simple template (automatically fetching CVE details not working yet for this one):

./cherrypy_autoreport.py cherrytree-templates/simple-example-cherrytree.ctb

The output can be found in the 'report' directory.

Motivation for this project

The reporting side of the PWK exam (to me) was the most frustrating and timeconsuming part for various reasons. I had a well organised cherrytree document and it took me hours and hours to translate that into a proper text document. This tool is an attempt to automate this process. As of right now it is specifically made with the OSCP exam in mind.

How it works

This script uses a (specially formatted) cherrytree ctb file (which is just a sqlite3 database) to collect the users's notes. A markdown file is created and passed to pandoc to create a pdf using the [Eisvogel LaTeX template] (https://github.com/Wandmalfarbe/pandoc-latex-template). There are some rules and guidelines in regards to the structure of the cherrytree file. These will be described in this README in the near future.

Features

  • Collect CVE details automatically
  • Add static sections from the by Offsec provided exam report template automatically
  • Generate an appendix with all the collected proof contents automatically
  • Automatically name, archive and password protect the final file that should be send to Offsec after taking the exam as per the instructions in this guide

Credits