A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Hack for Show, Report for Dough - Brian King BSides Cleveland 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Hack for Show, Report for Dough
Brian King


The fun part of pentesting is the hacking. But the part that makes it a viable career is the reporting. You can develop the most amazing exploit for the most surprising vulnerability, but if you can't document it clearly for the people who need to fix it, then you're just having fun. Which is fine! But if you want to get hired again, your reports need to be as clear and useful as your hacks are awesome. There are a few fundamental things that should guide your report-writing. You'll hear about those, and also learn some techniques and shortcuts to make sure you're following them consistently. You'll see some before-and-after examples of a bad report made good, with clear explanations of what makes the difference.

Brian spent about seven years pentesting inside large finance organizations before joining Black Hills Infosec three years ago to pentest lots of other things. He believes that communicating is just as important as technical skills, and need not be as uncomfortable as we sometimes make it out to be.

Back to BSides Cleveland 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast