Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Color codes are applied to table headings and text to provide clear and immediate insights. Table headings can be color-coded to aid readers in prioritizing information. Severity levels are emphasized through text color codes, where "High" may appear in red, "Medium" in orange, and "Low" in blue. These color cues enable efficient data interpretation and decision-making in security-related contexts.
Step 1: Open the runbooks template.
Step 2: Go to the "COLOR CODES" section of the setup code.
Step 3: Insert the new desired hexadecimal color code into the highlighted area of the value to change and save the document.
Do not include the hash symbol.
The legacy highlighted colors used for visual context will not match the new color code entered in Step 3 unless updated manually in the Word document.
A test plan is the documented form of an organization's procedures for conducting a task or series of tasks. The purpose of a runbook is to script engagements to the command-line level to build a library of engagements to ensure a robust execution and coverage of an engagement objective while efficiently collecting valuable evidence for reporting.
This template differs from the others by displaying and configuring procedure data in the report.
Click the box to download the report export template.
This template has options to configure the presentation of several topics. Click the link below for instructions on each topic.
Visit the Using Export Templates page for an overview of implementing the template when ready to export a report.
The Strict Narratives option allows users to choose between utilizing predetermined narratives within the report or selecting any custom narrative they prefer.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.strict_narratives
line. The value listed determines the presentation of narratives within the report. The default value is "true." Modify the value as desired.
If set to true
, the report will expect the narratives to be present and populated:
Introduction
Methodology
Scope
Summary of Findings
These narratives will be displayed in the order above.
If set to false
, the report will display any narrative in the report in the order entered.
The only narrative it won't show in order is a narrative with "Appendix" in the title. In that scenario, the narrative will appear at the bottom of the report.
If bb.strict_narratives
is set to "true," but the fields above are not in the report, the following error message will appear in the export report:
The Summary Table option allows users to choose between multiple table presentations of findings.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the nn.summary_table_option
line. The number listed represents the option that will be leveraged. Modify the value as desired.
Click each expandable section for more information.
The Cover Page option defines the format for the cover page. Users can replace cover art and branding with any option and include additional static content, such as a disclosure statement.
References for additional Report Custom Fields beyond what is presented in the default options can be added.
Don't forget to replace the placeholder text with the organization’s name and address.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the nn.cover_page_option
line. The number listed represents the option that will be leveraged. Modify the value to match the desired option (information on the different options is listed below).
Click each expandable section for more information.
This option allows for omitting any findings with a severity rating of "Informational." The default value is "true."
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.display_informationals
line. The value listed determines if the findings will be displayed or not. Modify as desired.
If set to true
, all findings with a severity rating of "Informational" will appear in the report.
If set to false
, all findings with a severity rating of "Informational" will be omitted from display throughout the exported document, not tabulated in the count of findings table (called with display_findings_count)
and omitted from display in the Finding Summary Tables and Detailed Findings.
This option allows for adding a prefix to findings in the report. The default value is " ", which means no prefix is added.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the ss.scope_prefix
line. The value listed determines if the prefix will be displayed or not. Insert a variable to add a prefix to the automatically generated finding numbers.
The prefix will be applied to numbering in the Finding Summary and Detailed Findings sections.
The Finding Details option allows users to choose between multiple presentations of finding details information.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the nn.detailed_findings_option
line. The number listed represents the option that will be leveraged. Modify the value as desired.
Click each expandable section for more information.
This option allows for omitting any raw evidence in the report. The default value is "false."
Step 1: Open the runbook template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.include_raw_evidence
line. The value listed determines if the evidence will be displayed or not. Modify as desired.
Step 4: For raw evidence to appear in the report, it must be enabled both in the report settings and within the template. Navigate to the Details tab of the report, scroll to the bottom of the page, and toggle on "Include Raw Evidence on Export."
Enabling bb.include_raw_evidence
will significantly increase the export time and length of the report.
This option inserts a page break between each finding presented in the Detailed Findings section of the report. The default value is false.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.page_break_between_findings
line. The value listed determines if the prefix will be displayed or not. Change the value to "true" to have page breaks inserted.
These are the included pre-built macros for the runbooks report export template. Click each expandable section for more information.
This option determines if the report displays the associated port number, protocol, service and version data for affected assets. The default value is "false."
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.dispay_port_data
line. Change the value to "true" to display any associated port number, protocol, service and version data if available for affected assets.
If set to true
, the report displays any associated port number, protocol, service and version data for affected assets.
If set to false
, only the name of the affected asset(s) will be displayed in a comma-delimited list.
The Display Procedure option allows users to choose if the "Procedure" section of the template is included in the report. This is tied to the procedure data that is created when doing an engagement in the Runbooks module. The default setting is true
.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the bb.dispay_procedure_data
line. Modify the value as desired.
This option determines the number of lines inserted between each finding in the Detailed Findings Section of a report. The default value is 3.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the nn.newlines_between_findings
line. Change the value to increase or decrease the lines inserted between each finding in the Detailed Findings Section.
The paragraph spacing is determined by the settings applied to the "Normal" style in Microsoft Word. Standard options for line spacing include single spacing (1.0), 1.5-line spacing (1.5), and double spacing (2.0). These settings can be adjusted in the "Paragraph" section of Word.
This option is enabled only if is set to "false."
This option allows users to choose between presentations of the procedure section. The default value is 3
.
Step 1: Open the runbooks template.
Step 2: Go to the "OPTION DEFINITIONS" section of the setup code.
Step 3: Go to the nn.procedure_data_style
line. The number listed represents the option that will be leveraged. Modify the value as desired.
Click each expandable section for more information.