In this chapter, we looked at several means of securely collecting data while performing our testing—for example, VIM, Nano, and gedit. We also built upon our existing knowledge of Dradis to configure it to be used by several testers at the same time.

We reviewed several key items that should be part of any penetration testing report. Sometimes, the only visibility your company receives will be based on this report. The better the report, the more likely it is that you will be called in again the next time a penetration test is required.

We closed by issuing a small challenge to the reader to complete and document an assessment on the configuration reviewed within this chapter.

In the next chapter, we will have the chance to put all of this information to work when we proceed with building out a test lab that emulates a secured fictional corporation.