🚗 Our roadmap: We will implement those features next. Our three objectives for the next development cycles are: * 🤖 Improve AI agent * 🚀 Make it easier to get started with SysReptor * 🛡️ Take steps to implement Cyber Resilience Act requirements We broke that down to features in our roadmap: https://lnkd.in/dR8frcVt
SysReptor Pentest Reporting
Software Development
Easy as Pie. For Pentesters. By Pentesters. 💚
About us
SysReptor is a fully customizable pentest reporting platform designed for penetration testers, red teamers, and other cybersecurity professionals. 🎨 Design your report in HTML. ✍️ Write it in Markdown. 📄 Render to PDF. ☁️ Self-hosted or Cloud.
- Website
-
https://sysreptor.com/
External link for SysReptor Pentest Reporting
- Industry
- Software Development
- Company size
- 2-10 employees
- Headquarters
- Göllersdorf
- Founded
- 2022
- Specialties
- pentesting, reporting, security-audit, offsec, hackthebox, pentesting-tool, oscp, cpts, oswp, osee, oswe, oswa, chhb, security-assessment, infosectools, cwee, offensive-security, pentest-reports, and report-generator
Updates
-
🔎 The project search now not only searches for titles, tags and members, but also for project contents. It sounds simple but it was complex due to the database encryption. This prevents searches through the database. A classic usability/security dilemma, which we resolved with a blind trigram index. Find more details on the implementation in the insights post in our docs. (Link in the comments.)
-
-
More information on the vulnerability about sharing private notes of other users (CVE-2026-42291) that we fixed two weeks ago. Kudos to Robin L.
Here's a blog-post detailing how I found a CVE (zero-day vulnerability) in SysReptor. It details what I was looking at, why and how. Technical review is also included: https://lnkd.in/eCB-J7dC Special thanks to SysReptor Pentest Reporting for allowing me to publish the details! ---- Her er en bloggpost om hvordan jeg fant en CVE (0-day sårbarhet) i SysReptor. Den forklarer litt om hva jeg så på, hvorfor og hvordan jeg jobbet med det. Teknisk gjennomgang er også med: https://lnkd.in/eCB-J7dC En ekstra takk til SysReptor Pentest Reporting for at de tillot at jeg publiserer detaljene fra funnet!
-
🛡️Time for a SysReptor update! 🥳 We've got a great security review and hardening time behind us. The today's SysReptor release brings several security hardening measures and fixed a minor "user admin" to "superuser" privilege escalation that is exploitable in non-default configurations. To all SysReptor users who have SSO enabled: We strongly recommend reviewing the SSO config and settings "require_email_verified" to "true" and "user_identifier_claim" to "email". (See https://lnkd.in/d_Ub8pHP)
-
🛡️Time to update SysReptor Professional We fixed a security issue: Read-write access to personal notes by sharing-link creation with no authorization SysReptor Community is also affected, but access to personal notes of other users is intended there (because everyone is superuser). Thank you to Robin L. for reporting ❤️
-
Check out the public handbook from our pentesting team.
🌍 Public by default We decided to publish more of our internal documentation following the principle "public by default", so that the world can benefit. Let's focus on explaining why we shouldn’t publish something, rather than justifying why we should. We migrated the first ~100 pages with 25,000 words, most of it technical information we use on pentests. We hope you enjoy. Find the link below 👇 Inspired by GitLab and Open Core Ventures ❤️
-