Skip to content

Findings & Evidence

Why this workflow matters

PentestPath is designed so that findings and evidence are created during the engagement, not bolted on after the fact.

Findings

A finding can carry:

  • title
  • severity
  • status
  • description
  • impact
  • remediation
  • CVSS
  • CWE
  • linked nodes
  • linked evidence

Evidence

Evidence entries can represent:

  • terminal output
  • note
  • code
  • screenshot
  • file

Screenshot evidence

Screenshot evidence supports both file selection and clipboard paste. After selecting or pasting an image, you can annotate it before saving it to the session:

  • draw rectangles around areas of interest
  • add arrows for visual callouts
  • add short text labels
  • apply opaque redaction boxes to hide secrets before the image is stored

Redaction uses a solid overlay rather than blur so hidden data is not recoverable from the saved image.

Practical workflow

  1. Create or update the graph node.
  2. Add the finding when the issue becomes real enough to track.
  3. Attach supporting evidence instead of leaving it in terminal scrollback, screenshots, or ad hoc notes.
  4. Redact sensitive screenshot regions before saving evidence.
  5. Insert findings into the report when you are ready to draft the deliverable.

PentestPath documentation