I’m working on a side project of trying to build a web-based tool for managing and helping me generate pen-testing reports. The idea is to define some attributes, such as the company you’re doing the work for, dates, etc., and then drag-and-drop blocks of the report into place. For example, an executive summary, scope, various issues found. All would come in customized already with the various known attributes, and then you can tweak/modify each section as needed. You can then also save your blocks to re-use later. This might be particularly handy for various vulnerabilities since we tend to find the same things over and over again.
I’d be curious to hear from as many people as possible regarding what features they would want in a web-based report writer, and I’m also looking for sample reports. Anything redacted or open-source would be fine, but please nothing confidential.
I’ve started this Workflowy list to try and capture the requirements: [https://workflowy.com/s/penetration-report-w/h1fcj6ru5b3ca4r7](https://workflowy.com/s/penetration-report-w/h1fcj6ru5b3ca4r7)
Any help is appreciated. Happy to share the final result with you, if it ever comes into being. If I build it, I will likely charge a monthly or annual fee for it, but anyone who helps will get a large discount and/or some extended trial period (3 months +?).