Guinevere - Automated Security Assessment Reporting Tool.

Guinevere – Automated Security Assessment Reporting Tool.

Latest Change 9/1/2016 v1.2.3: Fixed retest statistics calculations of remaining vulnerable host totals.

This tool works with Gauntlet (a private tool) to automate assessment reporting.

Main features include:
+ Generate Assessment Report
+ Export Assessment
+ Generate Retest Report
+ Generate Pentest Checklist

guinevere

guinevere

+ Generate Assessment Report
This option will generate you .docx report based on the vulnerabilities identified during an assessment. The report will contain a bullet list of findings, the vulnerability report write-up, and a table of interesting hosts to include host names and ports. Each report write up automatically calculates the number of affected hosts and updates the report verbiage accordingly.

+ Export Assessment
An SQL dump of the assessment data from gauntlet will be export to a .sql file. This file can later be imported into by other analysts.

+ Generate Retest Report
A .docx retest report will be generated. The tool will evaluate the original assessment findings against the retest findings. The retest findings don’t need to be ranked as only the severity level of a vulnerability found in the orginial assessment will be used. New vulnerabilities and new hosts found during the retest will also be ignored. The report will contain a list of vulnerabilities along with their status (Remediated, Partially Remediated, or Not Remediated). A table will also be provided that contains hosts that are still vulnerable. A statistics table is also provided to be used with building graphs or charts.

+ Generate Pentest Checklist – BETA
The Pentest Checklist is an HTML document used for information management while conducting a pentest. The generated report provides the analyst with a list of host and their open ports along with space for note taking. This is stil under development and provides basic functionalty. The data is retrieved from the Gauntlet database. The “-T” flag can be used to display out from tools such as Nessus but is very verbose.

use:

Source : https://github.com/Ne0nd0g