Findings & Evidence
Why this workflow matters
PentestPath is designed so that findings and evidence are created during the engagement, not bolted on after the fact.
Findings
A finding can carry:
- title
- severity
- status
- description
- impact
- remediation
- CVSS
- CWE
- linked nodes
- linked evidence
Evidence
Evidence entries can represent:
- terminal output
- note
- code
- screenshot
- file
Screenshot evidence
Screenshot evidence supports both file selection and clipboard paste. After selecting or pasting an image, you can annotate it before saving it to the session:
- draw rectangles around areas of interest
- add arrows for visual callouts
- add short text labels
- apply opaque redaction boxes to hide secrets before the image is stored
Redaction uses a solid overlay rather than blur so hidden data is not recoverable from the saved image.
Practical workflow
- Create or update the graph node.
- Add the finding when the issue becomes real enough to track.
- Attach supporting evidence instead of leaving it in terminal scrollback, screenshots, or ad hoc notes.
- Redact sensitive screenshot regions before saving evidence.
- Insert findings into the report when you are ready to draft the deliverable.