Table of Contents
This project is built using JavaScript(Vanilla) with a Node.js backend, as for storing data it uses the lightweight NeDB. It aims to provide a pentest dashboard where it allows users to create and manage penetration testing projects.
- It contains a checklist template that follows the DNGP methodology, allowing the user to track all tests that has been performed.
- All added vulnerabilities are displayed on the front-page along with their risk level and status.
- There is a counter that keeps track of number of vulnerabilities according to their risk level.
- The details tab displays all vulnerabilities in detail with images uploaded by the user.
- All information gathered can be easily viewed, which facilitates when creating reports.
The following are few features that stil in progress and I hope to implement in the future
- Adding the option to switch the interface language to English, as currently it is in Portuguese.
- Editable checklist, so the user can create their own methodology without having to go the Ejs file to change that.
- Authentication and other security measures
- Storing data into Firebase
- Generating reports in pdf
Follow these steps to get a local copy up and running. Note: if you have the latest Node.js installed you can skip the second step.
-
Clone the repo
git clone https://github.com/spinolaju/pentest-dashboard.git
-
Install Node.js
It can be downloaded here: https://nodejs.org/en/download/ -
Install NPM packages
npm install
set DEBUG='pentest:*'; npm start
-
Main Menu - New project or Open an existing project
-
Creating a new project
-
Selecting an existing project
-
Dashboard - Displays details of the project, number of vulnerabilities, number of vulnerabilities classified by their risk level along with a table that presents in a brief way all vulnerabilities registered, its status and its risk level.
-
Checklist - Tests performed by the user can be ticked. Each one of these tests allow the user to add any vulnerabilties or evidences that they found.
-
Vulnerabilities / Adding vulnerabilties
-
Evidences / Adding Evidences
-
Notes - Each checklist item contains a button to add notes. This is a space where the user adds some notes that pontentially act as a guide, they can be code snippets or any resources that the user find useful when performing that specific test. These notes are not attached to a particular project, therefore they can be viewed and managed across all projects.
Juliane Spinola - spinolaju@hotmail.com
Project Link: Pentest Dashboard App