A lot of data is generated during pentest engagements: vulnerabilities, open ports, vulnerable IPs… Soon enough, it gets tough to keep everything tracked.
What kind of data is this? Let’s take a look at the sources of such information:
Doing the Reconnaissance:
As we talked about in the Pentest Cycle article, the reconnaissance phase is the biggest and most important phase of a pentest, which allows you to find obscure assets, increase the attack surface and further dig down into the newly discovered entry points.
Everything the pentester does in the recon phase generates data! Subdomains, port scans, hidden directories, exposed endpoints, plaintext credentials, and the list goes on and on.
Different Tools, Different Outputs:
A whole arsenal of tools is used during a pentest, and each produces output in whatever format it was built to emit. Some give results in JSON while others prefer XML.
Crawling through all this data in different formats and consolidating it in a single place becomes hard early on.
When pentesters work on any project, they keep their personal notes depending on their workflow.
What bugs to look for, what they have already tried, what seems interesting and what does not. These notes are usually shared within the team so that everyone benefits from each other's findings.
A Whole Lot of Images:
Screenshots are without a doubt a crucial part of red team activity, as they record exactly what was seen.
That makes them a great way to present walkthroughs or the bugs that were found. They can also be used to explain vulnerabilities step by step, making it easier for the client to understand.
These were some of the main data sources, which already add up to a lot to keep an eye on.
There are lots of others that also contribute in different forms. Client updates, progress tracking, checklists, project wikis, and a load of other data that pops up during a pentest…
All this complicates the storing, sharing, and analyzing of information. Let’s take a look at:
- How things are being done currently
- What the issues with traditional pentesting methodologies are
- How Hexway Hive can prove to be a game changer
A multitude of individual tools is used to keep track of everything. Note-taking apps like Notion or Obsidian are used for personal notes.
Further, people usually write custom parsers for XML, JSON, or other formats to extract the important information, and in some cases the raw output is simply analyzed by hand.
Most of the time, project recon data is stored in a traditional file-manager-type structure: directories with text files, images, exploits, etc. inside them.
A great example of this is subdomain scanning: there are many subdomain scanning tools, each of which returns results in a different format. These subdomains stay in their separate files, and pentesters have to work with them manually.
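As an added illustration of the custom-parser approach described above (example code, not part of the original post or of Hive), the snippet below consolidates two constructed outputs, a fragment laid out like Nmap's XML report and a JSON-lines subdomain list in a hypothetical tool's shape, into one normalized target map. Every IP, hostname and port value is constructed sample data.

```python
import json
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the layout of Nmap's XML output (not real scan data).
NMAP_XML = """<nmaprun>
  <host><address addr="203.0.113.10" addrtype="ipv4"/>
    <hostnames><hostname name="www.example.com"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="8080"><state state="closed"/></port>
    </ports>
  </host>
</nmaprun>"""
# Constructed sample: JSON-lines output of a hypothetical subdomain enumerator
# (one object per line; duplicate records are common across tools).
SUBS_JSONL = """{"host": "www.example.com", "ip": "203.0.113.10"}
{"host": "api.example.com", "ip": "203.0.113.11"}
{"host": "www.example.com", "ip": "203.0.113.10"}"""

def parse_nmap_xml(text):
    """Yield (ip, hostnames, port, service) for every open port in an Nmap XML report."""
    for host in ET.fromstring(text).iter("host"):
        ip = next((a.get("addr") for a in host.findall("address")
                   if a.get("addrtype") in ("ipv4", "ipv6")), None)
        names = [h.get("name") for h in host.iter("hostname")]
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # only open ports are worth tracking here
            svc = port.find("service")
            yield ip, names, int(port.get("portid")), (svc.get("name") if svc is not None else None)

def parse_subdomains_jsonl(text):
    """Yield (ip, hostname) pairs from JSON-lines subdomain output, skipping blank lines."""
    for line in text.splitlines():
        if line.strip():
            rec = json.loads(line)
            yield rec["ip"], rec["host"]

def consolidate(nmap_xml, subs_jsonl):
    """Merge both sources into one {ip: {"hostnames": set, "ports": {port: service}}} map."""
    targets = defaultdict(lambda: {"hostnames": set(), "ports": {}})
    for ip, host in parse_subdomains_jsonl(subs_jsonl):
        targets[ip]["hostnames"].add(host)  # the set de-duplicates repeated records
    for ip, names, port, service in parse_nmap_xml(nmap_xml):
        targets[ip]["hostnames"].update(names)
        targets[ip]["ports"][port] = service
    return dict(targets)
```

Every additional tool needs one more parser feeding the same map, which is exactly the maintenance burden the post is describing.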
Though it might seem fine at a glance, this type of approach has serious issues that should not be overlooked. One of the most affected areas is collaboration: when each team member works on a project without a single shared repository, data may get lost.
The more data is collected, the higher the chance of missing something important.
Because different pentest tools produce different outputs, it becomes difficult to crawl through hundreds of formats and extract the useful information, then store it, share it, and finally analyze it.
There’s a lot of room for improvement in the traditional approach, and as we explain next, the Hive tool lets you collaborate through a centralized channel.
Forget about the old-school methods; here we explore the new methodology Hexway Hive provides.
One of the most important sections in Hive is “Project Data” where everything related to a pentest project is present.
You can define your target in either IP or domain form. Once you define a target, you can add target-wide notes or you can go even more granular by adding relevant ports. It depends on how extensive you want the information to be:
- add checklists,
- attach tags for easier searching,
- attach files (yes, complete text files!),
- or paste images.
While you can create entries manually, Hive allows importing data from many popular pentest tools like Nmap, Nessus, Metasploit, Cobalt Strike, Nuclei, Burp, and many more. If you want to import data from a non-standard tool, you can process that too through the Hive API.
Especially for fans of CLI output, Hive has a custom import feature: semi-manually, you can add almost any output from your daily toolset.
Hive takes it one step further. Since Hive is a self-hosted collaborative platform that can be used by multiple team members in real time, everyone has access to all the data at any time, which makes pentests much faster.
This allows creating issues, tracking their history, and building notes based on the actions performed. Such a solution not only saves pentesters time on routine tasks but also raises the quality of the delivered service.
And that’s not all!
Every action pentesters take in Hexway Hive (marking checklists, sharing notes, or adding ports) becomes a strong basis for the future report. Basically, if you follow the guidelines and methodology correctly, the final report will only need a few small changes to shine and bring value to the customer.
If you are a pentester, you cannot deny the hassle of managing data. Storing relevant information in different directories is not sustainable.
Hexway Hive comes as a modern solution that solves your data management nightmares and goes the extra mile to provide intuitive features for an even better collaborative pentest experience, for both the team and the client.
It is also a perfect solution to plug into an existing PTaaS lifecycle, bringing a more organized and efficient approach from a data management perspective, which means happier clients and less stressed pentesters. Hive will take care of all your bits and bytes of data, no matter where the data originates from!