The attack narrative is a chronological account of how a penetration tester was able to exploit vulnerabilities to achieve specific goals, such as gaining unauthorized access or exfiltrating data. It illustrates the real-world implications of the vulnerabilities by showing how an attacker could potentially exploit them. It helps stakeholders understand the context and potential impact of the findings.

This section guides the reader through the process the penetration testing team followed, and it should show how the activities performed correlate with the methodology stated in the report.

If an event occurred that modified the scope, the attack narrative mentions it and shows what followed. The narrative commonly describes in detail the paths taken and whether each exploit succeeded, and covers the rest only briefly.

  • Step-by-Step Account: Detailed steps taken by the tester during the attack.

  • Initial Entry Point: How the tester initially gained access.

  • Movement and Escalation: How the tester moved through the network and escalated privileges.

  • Objective Achieved: The final outcome or goal achieved by the tester.
