Links

Template - Options

RemoveDuplicatePOCs

This option can be set at the beginning of your template in order to remove duplicate Proof-of-Concepts/Steps to Reproduce for vulnerabilities which have multiple affected assets and each affected asset has the same POC & Notes.
{#$optionRemoveDuplicatePOCs}{/}
This option is useful to reduce duplicate entries where the POCs/Notes are the same, significantly reducing report size and making content more useful to the reader. It requires use of the {#assets_equally_affected} tag in order to inform the reader that there are other affected assets with the same POC/Notes, and here is the list.
How it works:
  1. 1.
    For the first affected asset on a vulnerability, it will include the POC & Notes using the {#proof_of_concept} & {#notes} tags.
  2. 2.
    It will check if there are other affected assets for this vulnerability with the same POC/Notes, and if so, it will add them to the {#assets_equally_affected} list for the current affected asset.
  3. 3.
    The assets in the {#assets_equally_affected} list are removed from the loop to avoid displaying duplicate entries in the report.
Example:
!IMPORTANT: You must include {#$optionRemoveDuplicatePOCs}{/} tag at the beginning of your template file.
{#$optionRemoveDuplicatePOCs}{/}
...
{#vulnerabilities}
{title}
{#proof_of_concept}
{text}{%inlineScreenshot}
{/proof_of_concept}
{#assets_equally_affected_title}
ASSETS EQUALLY AFFECTED
{/assets_equally_affected_title}
{#assets_equally_affected}
1. {.}
{/assets_equally_affected}
{/vulnerabilities}

RemoveDuplicateEvidence

This option can be set at the beginning of your template in order to remove duplicate Evidence for vulnerabilities which have already used/included the evidence within the Proof-of-Concept or Notes for any of affected assets, for example the screenshots have already appeared in-line within the Proof-of-Concept or Notes.
{#$optionRemoveDuplicateEvidence}{/}
This option is useful to reduce duplicate evidence displaying, significantly reducing report size and making content more useful to the reader.
How it works:
  1. 1.
    When looping over {#affected_assets} - if the {#proof_of_concept} or {#notes} includes an {%inlineScreenshot} - this screenshot will be removed from the {#evidence} section (to avoid duplication of displaying the same evidence file).
Example:
!IMPORTANT: You must include {#$optionRemoveDuplicateEvidence}{/} tag at the beginning of your template file.
{#$optionRemoveDuplicateEvidence}{/}
...
{#vulnerabilities}
{title}
{#notes}
{note}{%inlineScreenshot}
{/notes}
{#proof_of_concept}
{text}{%inlineScreenshot}
{/proof_of_concept}
{#evidence}
{%fileBase64}
{fileName}
{/evidence}
{/vulnerabilities}

Toggle Image Description (Filename/Caption)

This option can be set against the {@proof_of_concept_styled} tag in order to adjust how the filename or caption is displayed under an image.
{@proof_of_concept_styled(“image_description”:“caption”)}
{@proof_of_concept_styled(“image_description”:“prefer-caption”)}
{@proof_of_concept_styled(“image_description”:“filename”)}
{@proof_of_concept_styled(“image_description”:“none”)}
  • image_description: caption - will display the caption if it exists, otherwise will display nothing.
  • image_description: prefer-caption - will display the caption if it exists, otherwise will display filename.
  • image_description: caption - will display the filename.
  • image_description: none - will display no caption or filename.