Findings & Evidence
Why this workflow matters
PentestPath is designed so that findings and evidence are created during the engagement, not bolted on after the fact.
Findings
A finding can carry:
- title
- severity
- status
- description
- impact
- remediation
- CVSS
- CWE
- linked nodes
- linked evidence
Evidence
Evidence entries can represent:
- terminal output
- note
- code
- screenshot
- file
Practical workflow
- Create or update the graph node.
- Add the finding when the issue becomes real enough to track.
- Attach supporting evidence instead of leaving it in terminal scrollback or ad hoc notes.
- Insert findings into the report when you are ready to draft the deliverable.