blackstork-io · traut · Apr 23, 2024 · Apr 27, 2024 · Apr 28, 2024 · Apr 28, 2024
diff --git a/README.md b/README.md
@@ -23,14 +23,26 @@ Fabric generates documents based on modular templates written in [Fabric Configu
 
 ## Templates
 
+- Penetration Testing:
+  - [Offensive Security](https://www.offsec.com/) exam reports:
+    - [OSCE Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osce-exam-report.fabric)
+    - [OSCP Penetration Test Report](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-oscp-exam-report.fabric)
+    - [OSDA Exam Report](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osda-exam-report.fabric)
+    - [OSED Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osed-exam-report.fabric)
+    - [OSEE Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osee-exam-report.fabric)
+    - [OSEP Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osep-exam-report.fabric)
+    - [OSMR Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-osmr-exam-report.fabric)
+    - [OSWA Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-oswa-exam-report.fabric)
+    - [OSWE Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-oswe-exam-report.fabric)
+    - [OSWP Exam Documentation](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/pentesting/offsec-oswp-exam-report.fabric)
+- SecOps:
+    - [Weekly Activity Overview Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/secops/weekly-activity-overview-elastic-security.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/secops/weekly-activity-overview-elastic-security-example.md))
 - Cyber Threat Intelligence:
-  - MITRE CTID CTI Blueprints ([source](https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/cti-blueprints/))
+  - [MITRE CTID](https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/) [CTI Blueprints](https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/cti-blueprints/)
     - [Campaign Report Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-campaign-report.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-campaign-report-example.md))
     - [Executive Report Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-executive-report.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-executive-report-example.md))
     - [Intrusion Analysis Report Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-intrusion-analysis-report.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-intrusion-analysis-report-example.md))
     - [Threat Actor Profile Report Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-threat-actor-profile-report.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/cti/mitre-ctid-threat-actor-profile-report-example.md))
-- SecOps:
-    - [Weekly Activity Overview Template](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/secops/weekly-activity-overview-elastic-security.fabric) ([example](https://github.com/blackstork-io/fabric-templates/tree/main/cybersec/secops/weekly-activity-overview-elastic-security-example.md))
 
 ## Contributions
 

diff --git a/cybersec/pentesting/offsec-common.fabric b/cybersec/pentesting/offsec-common.fabric
@@ -0,0 +1,8 @@
+section "offsec_exam_additional_info" {
+  title = "Additional Items Not Mentioned in the Report"
+
+  content text {
+    value = "This section is placed for any additional items that were not mentioned in the overall report."
+  }
+}
+
diff --git a/cybersec/pentesting/offsec-osce-exam-report.fabric b/cybersec/pentesting/offsec-osce-exam-report.fabric
@@ -0,0 +1,302 @@
+document "offsec_osce_exam_report" {
+
+  meta {
+    name = "Offensive Security Certified Expert Exam Report"
+
+    author = "Sergey Polzunov <sergey@blackstork.io>"
+
+    description = <<-EOT
+      The Offensive Security OSCE exam report contains all efforts that were
+      conducted in order to pass the Offensive Security Certified Expert exam.
+
+      References:
+        - https://www.offsec.com/ctp/OSCE-Exam-Report.docx
+        - https://github.com/noraj/OSCP-Exam-Report-Template-Markdown/blob/master/src/OSCE-exam-report-template_OS_v1.md
+    EOT
+
+    url = "https://www.offsec.com/certificates/osce3/"
+    # version = "v.1.0"
+
+    license = "MIT License"
+    tags = ["pentesting", "offsec", "osce"]
+
+    updated_at = "2024-04-20T10:46:51+0000"
+  }
+
+  data inline "findings" {
+    hosts = [
+      {
+        host = "192.168.XX.200",
+        proof = "the-contents-of-proof-txt",
+
+        vulnerable_command = <<-EOT
+          Provide the command that was found to be exploitable.
+        EOT
+
+        vulnerability_identification = <<-EOT
+          Provide the method and code used to find the vulnerability.
+        EOT
+
+        poc_code = <<-EOT
+          Provide the final proof of concept code used to gain access to the server.
+        EOT
+
+        steps = <<-EOT
+          Provide a detailed account of your methodology in creating the exploit.
+          The steps taken should be able to be easily followed and reproducible if
+          necessary.
+        EOT
+      },
+      {
+        host = "192.168.XX.220",
+        proof = "the-contents-of-proof-txt",
+
+        vulnerable_code = <<-EOT
+          Provide the vulnerable code that was found to be exploitable.
+        EOT
+
+        privilege_escalation =<<-EOT
+          Provide the method and code used to find the vulnerability.
+        EOT
+
+        poc_code = <<-EOT
+          Provide the final proof of concept code used to gain access to the server.
+        EOT
+
+        # Provide a screenshot of the id command and the contents of proof.txt.
+        screenshots = ["./img-placeholder.png"]
+
+        steps = <<-EOT
+          Provide a detailed account of your methodology in creating the exploit.
+          The steps taken should be able to be easily followed and reproducible if
+          necessary.
+        EOT
+      },
+      {
+        host = "192.168.XX.201",
+
+        # Screenshot requirements are detailed in the control panel.
+        screenshots = ["./img-placeholder.png"]
+
+        steps = <<-EOT
+          Provide a detailed account of your methodology in creating the exploit.
+          The steps taken should be able to be easily followed and reproducible if
+          necessary.
+        EOT
+      },
+      {
+        host = "192.168.XX.240",
+
+        poc_code = <<-EOT
+          Provide the final proof of concept code used to gain access to the server.
+        EOT
+
+        # Screenshot requirements are detailed in the control panel.
+        screenshots = ["./img-placeholder.png"]
+
+        steps = <<-EOT
+          Provide a detailed account of your methodology in creating the exploit.
+          The steps taken should be able to be easily followed and reproducible if
+          necessary.
+        EOT
+      },
+    ]
+  }
+
+  title = "Offensive Security OSCE Exam Documentation"
+
+  content frontmatter {
+    content = {
+      title = "Offensive Security OSCE Exam Documentation",
+      # FIXME: fix is coming in https://github.com/blackstork-io/fabric/pull/155
+      #  author = {
+      #    email = "student@youremailaddress.com",
+      #    osid = "XXXXX"
+      #  },
+      author = "student@youremailaddress.com",
+      version = "v.1.0"
+    }
+  }
+
+  content toc {
+    start_level = 1
+  }
+
+  section "intro" {
+    title = "Offensive Security OSCE Exam Documentation"
+
+    content text {
+      value = <<-EOT
+        The Offensive Security OSCE exam documentation contains all efforts that
+        were conducted in order to pass the Offensive Security Certified Expert
+        exam. This report will be graded from a standpoint of correctness and
+        fullness to all aspects of the exam. The purpose of this report is to
+        ensure that the student has the technical knowledge required to pass the
+        qualifications for the Offensive Security Certified Expert certification.
+
+        The student will be required to fill out this exam documentation fully
+        and to include the following sections:
+
+        - Methodology walkthrough and detailed outline of steps taken.
+        - Each finding with included screenshots, walkthrough, sample code, and proof.txt if applicable.
+        - Any additional items that were not included
+      EOT
+    }
+  }
+
+  # FIXME: should be a loop with condition checks
+  # https://github.com/blackstork-io/fabric/issues/142
+  section "host_findings_0" {
+    title = "{{ (index .data.inline.findings.hosts 0).host }}"
+
+    section "proof" {
+      title = "proof.txt"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 0).proof }}"
+      }
+    }
+
+    section "vulnerable_command" {
+      title = "Vulnerable Command"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 0).vulnerable_command }}"
+      }
+    }
+
+    section "vulnerability_identification" {
+      title = "Vulnerability Identification"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 0).vulnerability_identification }}"
+      }
+    }
+
+    section "poc_code" {
+      title = "PoC Code"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 0).poc_code }}"
+      }
+    }
+
+    section "steps" {
+      title = "Steps"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 0).steps }}"
+      }
+    }
+  }
+
+  section "host_findings_1" {
+    title = "{{ (index .data.inline.findings.hosts 1).host }}"
+
+    section "proof" {
+      title = "proof.txt"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 1).proof }}"
+      }
+    }
+
+    section "vulnerable_code" {
+      title = "Vulnerable Code"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 1).vulnerable_code }}"
+      }
+    }
+
+    section "privilege_escalation" {
+      title = "Privilege Escalation"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 1).privilege_escalation }}"
+      }
+    }
+
+    section "poc_code" {
+      title = "PoC Code"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 1).poc_code }}"
+      }
+    }
+
+    section "screenshots" {
+      title = "Screenshots"
+
+      # FIXME: should be a loop
+      # FIXME: should render the source -- https://github.com/blackstork-io/fabric/issues/163
+      content image {
+        src = "{{ index (index .data.inline.findings.hosts 1).screenshots 0 }}"
+      }
+    }
+
+    section "steps" {
+      title = "Steps"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 1).steps }}"
+      }
+    }
+  }
+
+  section "host_findings_2" {
+    title = "{{ (index .data.inline.findings.hosts 2).host }}"
+
+    section "screenshots" {
+      title = "Screenshots"
+
+      # FIXME: should be a loop
+      # FIXME: should render the source -- https://github.com/blackstork-io/fabric/issues/263
+      content image {
+        src = "{{ index (index .data.inline.findings.hosts 2).screenshots 0 }}"
+      }
+    }
+
+    section "steps" {
+      title = "Steps"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 2).steps }}"
+      }
+    }
+  }
+
+  section "host_findings_3" {
+    title = "{{ (index .data.inline.findings.hosts 3).host }}"
+
+    section "poc_code" {
+      title = "PoC Code"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 3).poc_code }}"
+      }
+    }
+
+    section "screenshots" {
+      title = "Screenshots"
+
+      # FIXME: should be a loop
+      # FIXME: should render the source -- https://github.com/blackstork-io/fabric/issues/263
+      content image {
+        src = "{{ index (index .data.inline.findings.hosts 3).screenshots 0 }}"
+      }
+    }
+
+    section "steps" {
+      title = "Steps"
+
+      content text {
+        value = "{{ (index .data.inline.findings.hosts 3).steps }}"
+      }
+    }
+  }
+
+  section {
+    base = section.offsec_exam_additional_info
+  }
+}