This repository has been archived by the owner on May 3, 2020. It is now read-only.

Finding Markup

frisch-raphael edited this page Feb 2, 2018 · 5 revisions

Inside of the fields of a finding you can add markup that will be included in the report. This info is also available by clicking the blue "Overview" button in any finding.

Here are four markup sets you can use in the Overview, Remediation, and PoC summary. This markup is converted inside of Microsoft Word.

YOU MUST CLOSE ALL TAGS. OTHERWISE YOU CAN DESTROY ALL TEXT FORMATTING. SEE EXAMPLES BELOW.

Review the finding "TEST - Markup Tester" for a clear example. As always, press preview to see the finding in Word.

{{ URL }}

Placing {{ }} around a URL will hyperlink the value; otherwise it will be included as plaintext.

Example:

For more information review {{ https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet }}

Substitution variables

Substitution variables are supported in findings. This is particularly helpful in the Templated Findings.

Example:

Overall <<SHORT_COMPANY_NAME>> was found to have a strong...

Will generate the following inside of a report:

Overall AcmeCorporation was found to have a strong...

Bullets

Place the bulleted text in between a *- and a -* like so:

*- Bulleted text goes here -*

Paragraph Heading Text

Place the heading in between a [== and a ==] like so:

[== Heading text goes here ==]

Italics

Place the italicized text in between a [~~ and a ~~] like so:

[~~ Italics ~~]

Code

Place code in between a [[[ and a ]]] like below. CODE CANNOT STRETCH MULTIPLE LINES.

[[[ code, code goes here ]]]
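
A pre-flight check for the close-all-tags rule and the single-line code rule above, as an added example that is not part of the original page or the project's own code. It uses the delimiter pairs listed on this page and assumes that tags do not nest and that text inside [[[ ]]] is literal; markup_problems is a hypothetical helper name.

```ruby
# Added example: lint a finding field before pressing preview.
# Delimiter pairs come from this page; the no-nesting rule is an assumption.
PAIRS = {
  "{{"  => "}}",   # hyperlink
  "*-"  => "-*",   # bullet
  "[==" => "==]",  # paragraph heading
  "[~~" => "~~]",  # italics
  "[[[" => "]]]"   # code (single line only)
}.freeze

TOKEN = Regexp.union(PAIRS.keys + PAIRS.values)

# Returns an array of problem descriptions; empty means the field is clean.
def markup_problems(text)
  problems = []
  open_tag = nil # [opener, line_number] of the tag currently open
  text.each_line.with_index(1) do |line, lineno|
    line.scan(TOKEN) do |tok|
      if open_tag.nil?
        if PAIRS.key?(tok)
          open_tag = [tok, lineno]
        else
          problems << "line #{lineno}: closing #{tok} has no opening tag"
        end
      elsif tok == PAIRS[open_tag[0]]
        open_tag = nil
      elsif PAIRS.key?(tok) && open_tag[0] != "[[["
        problems << "line #{lineno}: #{tok} opened before #{open_tag[0]} from line #{open_tag[1]} was closed"
        open_tag = [tok, lineno]
      end
      # Anything else inside an open tag is treated as literal text.
    end
    # The page states that code cannot stretch multiple lines.
    if open_tag && open_tag[0] == "[[["
      problems << "line #{lineno}: [[[ code must close on the same line"
      open_tag = nil
    end
  end
  problems << "line #{open_tag[1]}: #{open_tag[0]} is never closed" if open_tag
  problems
end

# Constructed sample field: line 2 leaves the italics tag open.
SAMPLE = "[== Summary ==]\n[~~ needs review\n*- rotate the key -*\n"
puts markup_problems(SAMPLE)
```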