Table of Contents

1. About
2. Getting Started
   • Installing dependencies
   • Run Node Server
3. Usage
4. Contact
5. Acknowledgements

About

This project is built using JavaScript(Vanilla) with a Node.js backend, as for storing data it uses the lightweight NeDB. It aims to provide a pentest dashboard where it allows users to create and manage penetration testing projects.

• It contains a checklist template that follows the DNGP methodology, allowing the user to track all tests that has been performed.
• All added vulnerabilities are displayed on the front-page along with their risk level and status.
• There is a counter that keeps track of number of vulnerabilities according to their risk level.
• The details tab displays all vulnerabilities in detail with images uploaded by the user.
• All information gathered can be easily viewed, which facilitates when creating reports.

Future Implementations

The following are few features that stil in progress and I hope to implement in the future

• Adding the option to switch the interface language to English, as currently it is in Portuguese.
• Editable checklist, so the user can create their own methodology without having to go the Ejs file to change that.
• Authentication and other security measures
• Storing data into Firebase
• Generating reports in pdf

Getting Started

Follow these steps to get a local copy up and running. Note: if you have the latest Node.js installed you can skip the second step.

Installing dependencies

1. Clone the repo

   git clone https://github.com/spinolaju/pentest-dashboard.git

2. Install Node.js
   It can be downloaded here: https://nodejs.org/en/download/

3. Install NPM packages

   npm install

Run Node Server

   set DEBUG='pentest:*'; npm start

Usage

• Main Menu - New project or Open an existing project

• Creating a new project

• Selecting an existing project

• Dashboard - Displays details of the project, number of vulnerabilities, number of vulnerabilities classified by their risk level along with a table that presents in a brief way all vulnerabilities registered, its status and its risk level.

• Checklist - Tests performed by the user can be ticked. Each one of these tests allow the user to add any vulnerabilties or evidences that they found.

• Vulnerabilities / Adding vulnerabilties

• Evidences / Adding Evidences

• Notes - Each checklist item contains a button to add notes. This is a space where the user adds some notes that pontentially act as a guide, they can be code snippets or any resources that the user find useful when performing that specific test. These notes are not attached to a particular project, therefore they can be viewed and managed across all projects.

Contact

Juliane Spinola - spinolaju@hotmail.com

Project Link: Pentest Dashboard App

Acknowledgements

• Desec Security
• NeDB
• Font Awesome