Bd-Mutant7/pentest-docs

# 🛡️ PentestDocs ## ✨ Features | Feature | Description | |---|---| | 🔐 **Secure Login** | Session-based auth with operator roles (lead, tester, observer) | | 📁 **Engagements** | Create, organise, and track pentest engagements by status | | ⚠️ **Findings** | Document vulnerabilities with severity, CVSS, CVE, evidence & remediation | | ✎ **Rich Editor** | WYSIWYG text editor with formatting toolbar and template loader | | ⊞ **Templates** | 6 professional pentest templates (Executive Summary, Vuln Report, Recon, OWASP, Post-Exploit, RoE) | | 📄 **PDF Export** | Fully styled dark-theme PDF reports generated in-browser with jsPDF | | 🌑 **Dark Mode** | Full cybersecurity terminal aesthetic — green-on-black, CRT scanlines, Orbitron font | | 🗂️ **Organise** | Filter findings by severity, status, and keyword across all engagements | | 💾 **Local Storage** | All data persisted in browser localStorage — no backend required | ## 🖥️ Local Development ``` # 克隆仓库 git clone https://github.com/Bd-Mutant7/pentest-docs.git cd pentest-docs # 安装依赖项 npm install # 启动开发服务器 npm run dev ``` Open [http://localhost:3000](http://localhost:3000) ## 🔑 Demo 凭证 | Username | Password | Role | |---|---|---| | `operator_zero` | `pentest2024` | Lead | | `ghost` | `r3d_t34m` | Tester | | `observer` | `readonly` | Observer | ## 🗂️ 包含的模板 1. **Executive Summary** — High-level stakeholder report 2. **Vulnerability Report** — Individual finding documentation 3. **Network Reconnaissance** — Recon & enumeration documentation 4. **Web Application Pentest** — OWASP Top 10 checklist 5. **Post-Exploitation Report** — Lateral movement & persistence 6. **Scope & Rules of Engagement** — Authorisation and scoping doc ## 🔧 技术栈 - **Framework**: Next.js 14 (App Router) - **Styling**: Tailwind CSS + custom CSS variables - **Fonts**: Orbitron, Share Tech Mono, Rajdhani (Google Fonts) - **PDF**: jsPDF + jspdf-autotable - **Storage**: Browser localStorage (no backend) - **Deploy**: Netlify (`@netlify/plugin-nextjs`) ## 🔮 路线图 / 未来功能 - [ ] Multi-user collaboration (Supabase backend) - [ ] Markdown export - [ ] CVSS calculator widget - [ ] Nmap/Burp import parser - [ ] Screenshot attachment upload - [ ] Custom template builder - [ ] Report branding / logo upload ## ⚖️ 免责声明 This tool is for **authorized security testing and documentation only**. Use responsibly and only on systems you have explicit written permission to test. *Built by [Bd-Mutant7](https://github.com/Bd-Mutant7)*

标签：client-side report, CRT扫描线, CVE, CVSS, dark theme, In-browser PDF, jsPDF, Lead Tester Observer, Orbitron字体, PDF报告生成, PentestDocs, Remediation, SEO渗透测试文档, Tailwind CSS, TCP/IP协议栈, WYSIWYG, 会话认证, 前后端分离, 取证证据, 后渗透测试, 富文本编辑, 开源文档平台, 执行摘要, 数字签名, 暗色模式, 本地存储, 模板引擎, 渗透测试文档, 渗透测试管理, 漏洞报告模板, 漏洞跟踪, 终端主题, 绿色终端, 网络安全平台, 自动化攻击, 规则与范围, 运营角色权限