The reports list your hardware on them generally. They need access into your network.
The truth is that instead of faking it, you just do an actual pentest. It is generally a mix of FOSS tools like kali, metasploit, nmap, etc and pay tools like nessus. These can all be automated.
I was asked to review a project of another company, and needed access to their documentation for that. they gave me access to their whole wiki instead of just a part of it. definitely included that in the report
The reports list your hardware on them generally. They need access into your network.
The truth is that instead of faking it, you just do an actual pentest. It is generally a mix of FOSS tools like kali, metasploit, nmap, etc and pay tools like nessus. These can all be automated.
Charge the money, mail them a pre setup laptop, then hit the “go” button and still sit on your ass for a week.
I was thinking this. Get a nice format with letter head or whatever for dumping from the tools but now its almost like an honest living. ewwww.
“Motherfucker, that’s called a job!”
“Sir we found an issue in your security practises. You let some rando into your network. That’s a terrible idea. My invoice is in the mail.”
I was asked to review a project of another company, and needed access to their documentation for that. they gave me access to their whole wiki instead of just a part of it. definitely included that in the report