Finding
Create findings in your pentest report from JSON or TOML.
Example
```bash
cat finding.json | reptor finding
cat finding.toml | reptor finding
```
Sample finding
Upload one finding by using the following structures.
Use a list to upload multiple findings.
JSON finding structure

```json
{
  "status": "in-progress",
  "data": {
    "cvss": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
    "title": "Reflected XSS",
    "summary": "We detected a reflected XSS vulnerability.",
    "references": [
      "https://owasp.org/www-community/attacks/xss/"
    ],
    "description": "The impact was heavy.",
    "recommendation": "HTML encode user-supplied inputs.",
    "affected_components": [
      "https://example.com/alert(1)",
      "https://example.com/q=alert(1)"
    ]
  }
}
```
TOML finding structure

```toml
status = "in-progress"

[data]
cvss = "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"
title = "Reflected XSS"
summary = "We detected a reflected XSS vulnerability."
references = [ "https://owasp.org/www-community/attacks/xss/",]
description = "The impact was heavy."
recommendation = "HTML encode user-supplied inputs."
affected_components = [ "https://example.com/alert(1)", "https://example.com/q=alert(1)",]
```
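The list form mentioned above, as an added example that is not part of the reptor documentation: a small Python script that builds a JSON list of findings from per-host result rows and rejects malformed CVSS vectors before anything is uploaded. The row format, the merge-by-title rule and the syntax check are assumptions of this example; only the output field names come from the sample structure.

```python
import json
import re
import sys

# CVSS 3.1 base vector only (eight metrics in the order used in the sample);
# this syntax check belongs to the example, it is not reptor's own validation.
CVSS31 = re.compile(
    r"^CVSS:3\.1/AV:[NALP]/AC:[LH]/PR:[NLH]/UI:[NR]/S:[UC]/C:[NLH]/I:[NLH]/A:[NLH]$"
)

def make_finding(title, cvss, summary, recommendation, affected, status="in-progress"):
    """Return one finding using the field names from the sample structure."""
    if not title.strip() or not CVSS31.match(cvss):
        raise ValueError(f"bad title or CVSS vector: {title!r} / {cvss!r}")
    return {"status": status, "data": {
        "cvss": cvss, "title": title, "summary": summary,
        "recommendation": recommendation,
        "affected_components": list(affected)}}

def build_findings(rows):
    """Validate every row; rows sharing a title become one finding with merged components."""
    merged = {}
    for row in rows:
        finding = make_finding(**row)
        kept = merged.setdefault(row["title"], finding)
        if kept is not finding:
            comps = kept["data"]["affected_components"]
            comps.extend(c for c in row["affected"] if c not in comps)
    return list(merged.values())

# Constructed sample rows (hypothetical format, not real scan data).
XSS = "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"
ROWS = [
    {"title": "Reflected XSS", "cvss": XSS, "affected": ["https://example.com/search"],
     "summary": "We detected a reflected XSS vulnerability.",
     "recommendation": "HTML encode user-supplied inputs."},
    {"title": "Missing HSTS header", "affected": ["https://example.com/"],
     "cvss": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
     "summary": "Responses lack Strict-Transport-Security.",
     "recommendation": "Send the HSTS header on all HTTPS responses."},
    {"title": "Reflected XSS", "cvss": XSS, "affected": ["https://example.com/profile"],
     "summary": "We detected a reflected XSS vulnerability.",
     "recommendation": "HTML encode user-supplied inputs."},
]

if __name__ == "__main__":
    json.dump(build_findings(ROWS), sys.stdout, indent=2)
```

Saved under a file name of your choice, the script's output can be piped to `reptor finding` the same way as `finding.json` above.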
Usage
```
usage: reptor finding [-h]

Uploads findings from JSON or TOML

optional arguments:
  -h, --help  show this help message and exit
```