Sample Report Preview

What Your Report Looks Like

Below is a redacted sample of the penetration test report structure. Actual reports contain full technical details specific to your infrastructure.

CyberCTRL

External Penetration Test Report

Organization: [REDACTED] Pty Ltd

Target Domain: example.com.au

Assessment Date: March 2026

Report Classification: CONFIDENTIAL

Executive Summary

CyberCTRL conducted an external penetration test of the target infrastructure. The assessment identified 5 findings across the target scope, including 1 high-severity issue requiring immediate attention. The overall security posture is assessed as moderate, with several areas for improvement in TLS configuration and HTTP security headers.

Vulnerability Summary

Critical: 0
High: 1
Medium: 2
Low: 1
Informational: 1
Total Findings: 5

Detailed Findings

VULN-001: Outdated TLS Configuration
Severity: High, CVSS 7.5

Description

The server supports TLS 1.0 and TLS 1.1, which are deprecated protocols with known vulnerabilities. Modern clients should use TLS 1.2 or TLS 1.3.

Remediation

Disable TLS 1.0 and TLS 1.1 on the web server. Configure the server to support only TLS 1.2 and TLS 1.3 with strong cipher suites.

VULN-002: Missing Security Headers
Severity: Medium, CVSS 5.3

Description

Several HTTP security headers are missing, including Content-Security-Policy, X-Frame-Options, and Strict-Transport-Security.

Remediation

Implement recommended HTTP security headers: Content-Security-Policy, X-Frame-Options (DENY), Strict-Transport-Security (max-age=31536000), X-Content-Type-Options (nosniff).

VULN-003: Open SMTP Relay Potential
Severity: Medium, CVSS 5.0

Description

The mail server on port 25 accepts connections from any source and may be susceptible to relay abuse if not properly configured.

Remediation

Verify SMTP relay restrictions are correctly configured. Ensure the mail server only accepts relay from authorized IP addresses and authenticated users.

VULN-004: DNS Zone Transfer Allowed
Severity: Low, CVSS 3.7

Description

The authoritative DNS server allows zone transfers (AXFR) from any host, potentially exposing internal network topology.

Remediation

Restrict DNS zone transfers to authorized secondary name servers only. Configure allow-transfer ACLs on the DNS server.

VULN-005: Information Disclosure via Server Banner
Severity: Informational, CVSS 0.0

Description

The web server responds with detailed version information in the Server header, aiding attackers in identifying known vulnerabilities.

Remediation

Configure the web server to suppress or generalize the Server response header. Remove version numbers from all service banners.
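A retest check for the header remediations in VULN-002 and VULN-005, added here as an illustration and not part of the CyberCTRL report or tooling. The function name, the two sample responses and the Content-Security-Policy value are constructed; the expected header values come from the remediation text above.

```python
import re

MIN_HSTS_MAX_AGE = 31536000  # value given in the VULN-002 remediation

def audit_headers(raw_headers):
    """Return a list of issue strings for one HTTP response's headers."""
    # Header names are case-insensitive, so normalise them before lookup.
    h = {k.strip().lower(): v.strip() for k, v in raw_headers.items()}
    issues = []

    if not h.get("content-security-policy"):
        issues.append("content-security-policy: missing")

    # Headers with one exact expected value (compared case-insensitively).
    for name, expected in (("x-frame-options", "DENY"),
                           ("x-content-type-options", "nosniff")):
        value = h.get(name)
        if value is None:
            issues.append(f"{name}: missing")
        elif value.lower() != expected.lower():
            issues.append(f"{name}: expected {expected}, got {value}")

    hsts = h.get("strict-transport-security")
    if hsts is None:
        issues.append("strict-transport-security: missing")
    else:
        # max-age may appear in any position among the directives.
        m = re.search(r'(?:^|;)\s*max-age\s*=\s*"?(\d+)', hsts, re.I)
        if not m:
            issues.append("strict-transport-security: no max-age")
        elif int(m.group(1)) < MIN_HSTS_MAX_AGE:
            issues.append(f"strict-transport-security: max-age {m.group(1)} "
                          f"below {MIN_HSTS_MAX_AGE}")

    # VULN-005: a dotted number such as "2.4.41" in Server is a version leak.
    if re.search(r"\d+(\.\d+)+", h.get("server", "")):
        issues.append("server: banner discloses version")
    return issues

# Constructed sample responses: before and after remediation.
BEFORE = {"Server": "Apache/2.4.41 (Ubuntu)", "X-Frame-Options": "SAMEORIGIN",
          "Strict-Transport-Security": "max-age=300"}
AFTER = {"server": "Apache", "Content-Security-Policy": "default-src 'self'",
         "X-Frame-Options": "DENY", "X-Content-Type-Options": "nosniff",
         "Strict-Transport-Security": "includeSubDomains; max-age=31536000"}

if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_headers(sample) or "no issues")
```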

Testing Methodology

This assessment was conducted in accordance with NIST SP 800-115 and OWASP testing guidelines. The following scanning tools were employed during the engagement:

Nmap
testssl.sh
Nikto
Nuclei
DNS Enumeration
HTTP Header Analysis
