ReportGen
AttackForge ReportGen is a client-side tool to help you create fully custom reports based on your own DOCX report templates.
It works by using the AttackForge Project JSON Export to map data to meta fields in the DOCX template. This means you can use AttackForge to create a variety of reports, for any purpose you desire, using a single JSON export file.
AttackForge ReportGen runs locally in your browser. You do not need to install anything. It is self-contained therefore requires no external dependencies (can operate in offline environment) and is supported by most major browsers including Chrome, Firefox, Safari, Edge, Internet Explorer and others.

How It Works

To use AttackForge ReportGen, you will need the following:
    Download AttackForge ReportGen tool (HTML file) - you can download this from AttackForge.
    DOCX Template with included meta tags - you can download a free template from AttackForge to get started fast. There are many different templates available for different audiences and purposes.
    JSON Export - you can download this from your project.
Once you have all 3 files, open the AttackForge ReportGen tool (HTML file).

Step 1: Select Your DOCX Template

You need to select the DOCX template that you would like to use for the report. If you do not already have a fully customized template, try using the free template from AttackForge.

Step 2: Select Your JSON Export

You need to select the JSON export file for your project. This contains all the data which is normally included in the PDF, DOCX & HTML on-demand reports.

Step 3: Enjoy Saving Hours of Reporting Time!

Your report should automatically download in your browser.

Updating Your DOCX Template

When setting up your template for the first time, we recommend starting with the free template provided in AttackForge - as it contains all the necessary meta tags which map to the JSON export, including a typical pentest report layout & sections which you can use with customers immediately.
However if you would like to manually create your DOCX template - you can use the ReportGen browser console to see all the meta tags & matching data from your JSON export. This will help you to identify which sections to include in your report.

Troubleshooting

If you are experiencing issues generating the report e.g. it won't download - try checking your browser console to see what the error is. AttackForge ReportGen has verbose errors enabled to help you identify the root cause of your problem.
To identify where an issue might be in your DOCX template, try downloading the free template provided on AttackForge and modify it step by step until it matches your report style, testing it as you go to identify where it is breaking.
AttackForge ReportGen is built on DOCXTemplater. They also include useful information on how the meta tags work, especially when it comes to loops and nesting.
We have included details below on how the tags work, to help you with creating your custom templates:
Reminder: ReportGen only works with AttackForge JSON Reports.

General Syntax rules

{<tag>} - displays value of the tag {#<tag>} - opens a for-loop for a tag. Used if accessing nested data e.g. a list or array {.} - display values of string array e.g. ['hello', 'sir', 'how', 'are', 'you?'] will translate to: hello sir how are you? {/<tag>} - closes a for-loop for a tag. You can also use {/}. {^<tag>}{/<tag>} - where tag is not defined, display following e.g. {^<tag>} Tag Not Defined / Value Not Found {/<tag>} {%<tag>} - display image
The following information is taken from DOCXTemplater help site. It is recommended to visit their site directly for the latest updates and for more information.
Example:
1
{user.name}
Copied!
To access the nested name property in the following data :
1
{
2
user: {
3
name: 'John'
4
}
5
}
Copied!
You can also use +, -, *, /, >, < operators.

Options

RemoveDuplicatePOCs

This option can be set at the beginning of your template in order to remove duplicate Proof-of-Concepts/Steps to Reproduce for vulnerabilities which have multiple affected assets and each affected asset has the same POC & Notes.
1
{#$optionRemoveDuplicatePOCs}{/}
Copied!
This option is useful to reduce duplicate entries where the POCs/Notes are the same, significantly reducing report size and making content more useful to the reader. It requires use of the {#assets_equally_affected} tag in order to inform the reader that there are other affected assets with the same POC/Notes, and here is the list.
How it works:
    1.
    For the first affected asset on a vulnerability, it will include the POC & Notes using the {#proof_of_concept} & {#notes} tags.
    2.
    It will check if there are other affected assets for this vulnerability with the same POC/Notes, and if so, it will add them to the {#assets_equally_affected} list for the current affected asset.
    3.
    The assets in the {#assets_equally_affected} list are removed from the loop to avoid displaying duplicate entries in the report.
Example:
!IMPORTANT: You must include {#$optionRemoveDuplicatePOCs}{/} tag at the beginning of your template file.
1
{#$optionRemoveDuplicatePOCs}{/}
2
...
3
{#vulnerabilities}
4
{title}
5
{#proof_of_concept}
6
{text}{%inlineScreenshot}
7
{/proof_of_concept}
8
{#assets_equally_affected_title}
9
ASSETS EQUALLY AFFECTED
10
{/assets_equally_affected_title}
11
{#assets_equally_affected}
12
1. {.}
13
{/assets_equally_affected}
14
{/vulnerabilities}
Copied!

RemoveDuplicateEvidence

This option can be set at the beginning of your template in order to remove duplicate Evidence for vulnerabilities which have already used/included the evidence within the Proof-of-Concept or Notes for any of affected assets, for example the screenshots have already appeared in-line within the Proof-of-Concept or Notes.
1
{#$optionRemoveDuplicateEvidence}{/}
Copied!
This option is useful to reduce duplicate evidence displaying, significantly reducing report size and making content more useful to the reader.
How it works:
    1.
    When looping over {#affected_assets} - if the {#proof_of_concept} or {#notes} includes an {%inlineScreenshot} - this screenshot will be removed from the {#evidence} section (to avoid duplication of displaying the same evidence file).
Example:
!IMPORTANT: You must include {#$optionRemoveDuplicateEvidence}{/} tag at the beginning of your template file.
1
{#$optionRemoveDuplicateEvidence}{/}
2
...
3
{#vulnerabilities}
4
{title}
5
{#notes}
6
{note}{%inlineScreenshot}
7
{/notes}
8
{#proof_of_concept}
9
{text}{%inlineScreenshot}
10
{/proof_of_concept}
11
{#evidence}
12
{%fileBase64}
13
{fileName}
14
{/evidence}
15
{/vulnerabilities}
Copied!

Conditions

1
{#users.length>1}
2
There are multiple users
3
{/}
4
5
{#userName == "John"}
6
Hello John, welcome back
7
{/}
Copied!
The first condition will render the section only if there are 2 or more users.
The second condition will render the section only if the userName is the string “John”.
It also handles the boolean operators AND &&, OR ||, +, -, the ternary operator a ? b : c, operator precedence with parenthesis (a && b) || c, and many other javascript features.
For example, it is possible to write the following template:
1
{#generalCondition}
2
{#cond1 || cond2}
3
Paragraph 1
4
{/}
5
{#cond2 && cond3}
6
Paragraph 2
7
{/}
8
{#cond4 ? users : usersWithAdminRights}
9
Paragraph 3
10
{/}
11
There are {users.length} users.
12
{/generalCondition}
Copied!

Tables

You can add tables with repeating rows as follows:
The output in your report will appear as follows:

Adding Logic to Tables

You can combine this with Conditions to colour-code the relevant sections:
The output will appears as follows:

Filters

Filter - FilterBy

You can use this filter in order to extract filtered data for vulnerabilities using various conditions.
Currently the following conditions are supported:
    filterBy:'AffectedAssetReportGenTags'
    filterBy:'AffectedAssetReportGenTags-CountVulns'

filterBy:'AffectedAssetReportGenTags'

This filter can be used to retrieve a list of vulnerabilities which have affected assets that meet conditions in their ReportGen tags.
The following example will return a list of vulnerabilities which have affected assets that have at least one ReportGen tag that is set to Source = External. This is useful for reporting on External Vulnerabilities in your report.
1
{#vulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External']}
2
{priority} - {title}
3
{#affected_assets}
4
{asset}
5
{/}{/}
Copied!
    {#vulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External']}
      Loop through vulnerabilities.
      Apply filterBy filter with following parameters:
        AffectedAssetReportGenTags - this instructs the filter to use this condition
        ['Source:External'] - this instructs the filter to only return vulnerabilities and their affected assets which specifically have a ReportGen tag which equals Source = External.
    {priority} - {title}
      Print priority and title of vulnerability which meets the filter.
    {#affected_assets}
      Loop through affected assets on the vulnerability.
    {asset}
      Print name of the affected asset.
This filter supports an array of ReportGen tags when inputting conditions, as well as AND and OR operators.
For example, using an AND operator with multiple ReportGen tag conditions:
1
{#criticalVulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External','OWASPTop10:True']:'AND'}
2
{priority} - {title}
3
{#affected_assets}
4
{asset}
5
{/}{/}
Copied!
This will return a list of critical vulnerabilities which have affected assets that have both ReportGen tags Source = External and OWASPTop10 = True.
You can also omit the AND operator, as this filter uses AND condition by default.
For example, using an OR operator with multiple ReportGen tag conditions:
1
{#criticalVulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External','OWASPTop10:True']:'OR'}
2
{priority} - {title}
3
{#affected_assets}
4
{asset}
5
{/}{/}
Copied!
This will return a list of critical vulnerabilities which have affected assets that have either ReportGen tags Source = External or OWASPTop10 = True.

filterBy:'AffectedAssetReportGenTags-CountVulns'

This filter can be used to retrieve a count of vulnerabilities which have affected assets that meet conditions in their ReportGen tags.
The following example will return a count of vulnerabilities which have affected assets that have at least one ReportGen tag that is set to Source = External. This is useful for reporting on total number of External Vulnerabilities in your report.
1
{vulnerabilities | filterBy:'AffectedAssetReportGenTags-CountVulns':['Source:External']}
2
Copied!
    {vulnerabilities | filterBy:'AffectedAssetReportGenTags-CountVulns':['Source:External']}
      Apply filterBy filter with following parameters:
        AffectedAssetReportGenTags-CountVulns - this instructs the filter to use this condition
        ['Source:External'] - this instructs the filter to only count vulnerabilities where their affected assets specifically have a ReportGen tag which equals Source = External.
This filter supports an array of ReportGen tags when inputting conditions, as well as AND and OR operators.
For example, using an AND operator with multiple ReportGen tag conditions:
1
{criticalVulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External','OWASPTop10:True']:'AND'}
Copied!
This will return a count of critical vulnerabilities which have affected assets that have both ReportGen tags Source = External and OWASPTop10 = True.
You can also omit the AND operator, as this filter uses AND condition by default.
For example, using an OR operator with multiple ReportGen tag conditions:
1
{criticalVulnerabilities | filterBy:'AffectedAssetReportGenTags':['Source:External','OWASPTop10:True']:'OR'}
Copied!
This will return a count of critical vulnerabilities which have affected assets that have either ReportGen tags Source = External or OWASPTop10 = True.

Filter - Includes

You can check to see if a tag contains a specified value, or array of values, and continue if true/exists.
1
{#vulnerabilities}
2
{#title | includes:['SQL Injection','Cross Site Scripting']}
3
{priority} - {title}
4
{/}{/}
Copied!
    {#vulnerabilities}
      Loop through vulnerabilities.
    {#title | includes:['SQL Injection','Cross Site Scripting']}
      Check to see if the title of the vulnerability contains the values "SQL Injection" or "Cross Site Scripting", and if so proceed. Otherwise stop. This filter also includes partial matches e.g. "Blind SQL Injection" would also return true.
    {priority} - {title}
      Print priority and title of vulnerability assuming that it includes or partially includes
      "SQL Injection" or "Cross Site Scripting" in the title.

Filter - Excludes

You can check to see if a tag does not contain a specified value, or array of values, and continue if true/doesn't exist.
1
{#vulnerabilities}
2
{#title | excludes:['SQL Injection','Cross Site Scripting']}
3
{priority} - {title}
4
{/}{/}
Copied!
    {#vulnerabilities}
      Loop through vulnerabilities.
    {#title | excludes:['SQL Injection','Cross Site Scripting']}
      Check to see if the title of the vulnerability does not contain the values "SQL Injection" or "Cross Site Scripting", and if so proceed. Otherwise stop. This filter also includes partial matches e.g. "Blind SQL Injection" would also return true.
    {priority} - {title}
      Print priority and title of vulnerability assuming that it does not include or partially include
      "SQL Injection" or "Cross Site Scripting" in the title.

Filter - Store

You can store custom data in arbitrarily defined tags using this filter.
For example we can create a new custom tag called 'AllVulns' and reference it, along with its data, later in the template as follows:
1
{#vulnerabilities}{#title | store:’AllVulns’:this}{/}{/}
2
{#$storedAllVulns}
3
{priority} {title}
4
{/}
Copied!
    {#vulnerabilities}{#title | store:’AllVulns’:this}{/}{/}
      Loop through vulnerabilities.
      Define a new custom tag called 'AllVulns'
      Store the value of this in the new custom tag. In the context of {#vulnerabilities} - this will be equal to the vulnerability
    {#$storedAllVulns}
      Loop through the new custom tag we created above called AllVulns
      You must include #$stored prefix in order to use this new custom tag
    {priority} {title}
      Print priority & title of vulnerability.
A more complex example includes how to create a custom tag that will hold all of the Critical Web Application vulnerabilities found on the project. This includes using ReportGen custom tags for affected_assets:
1
{#vulnerabilities}
2
{#priority == “Critical”}
3
{#affected_assets}
4
{#assetCustomTags}
5
{#Source == “Web”}
6
{#title | store:’CriticalWebVulns’:this:’affected_assets’:’assetCustomTags’:[‘Source:Web’]}
7
8
{/} {/} {/} {/} {/} {/}
9
{#$storedCriticalWebVulns}
10
{priority} {title}
11
{/}
12
Copied!
    {#vulnerabilities}
      Loop through vulnerabilities.
    {#priority == “Critical”}
      Check if vulnerability priority is equal to Critical, then proceed
      This check is used to ascertain the vulnerability is a Critical vulnerability
    {#affected_assets}
      Loop through affected assets on the vulnerability
    {#assetCustomTags}
      Loop through custom ReportGen tags on the affected asset
    {#Source == "Web"}
      Check if custom ReportGen tag has key/name "Source" and a value "Web"
      This check is used to ascertain the vulnerability is a Web Application vulnerability
    {#title | store:’CriticalWebVulns’:this:’affected_assets’:’assetCustomTags’:[‘Source:Web’]}
      Define a new custom tag called 'CriticalWebVulns'
      Store the value of this which in this case the the vulnerability itself
      Check if any of the custom affected asset tags contain any of the key/value pairs supplied, in this case ‘Source:Web’ – note this is an array, you can add more values, it is an OR operator
    {/} {/} {/} {/} {/} {/}
      Close all of the open loops (see above)
    {#$storedCriticalWebVulns}
      Loop through the new custom tag we created above called CriticalWebVulns. This custom tag now contains Critical vulnerabilities which have affected assets which have custom tags indicating they are web application vulnerabilities
      You must include #$stored prefix in order to use this new custom tag
    {priority} {title}
      Print priority & title of vulnerability.

Filter - Find

You can search a tag which contains an array of objects to return an object which meets a specific condition
1
{#vulnerabilities | find:"title":"Missing X-XSS-Protection Header"}
2
{title}
3
{/}
Copied!
    {#vulnerabilities | find:"title":"Missing X-XSS-Protection Header"}
      Loop through vulnerabilities and search each one until it finds a vulnerability with a title equal to Missing X-XSS-Protection Header, then return the vulnerability.
    {title}
      Print title of vulnerability, in this case it would be "Missing X-XSS-Protection Header" as that is the vulnerability which was returned from the list of vulnerabilities.

Filter - FindVulns

You can use this filter to find a vulnerability based on a Title & Priority.
For example, if you wanted to create a report which shows all Assets on the project, and their Vulnerabilities (Asset to Vulnerability table or mapping) - you can achieve that using this filter. Note this requires using the store filter in combination with findVulns filter as follows:
1
{#vulnerabilities}{#title | store:’allVulns’:this}{/}{/}
2
{#assetVulnerabilityMapping}
3
{asset}
4
{#vulnerabilities}
5
{priority} - {status} - {vulnerability}
6
{#vulnerabilities | findVuln:’allVulns’:this.vulnerability:this.priority}
7
{description}
8
{attack_scenario}
9
{remediation_recommendation}
10
11
{/}{/}{/}
Copied!
    {#vulnerabilities}{#title | store:’allVulns’:this}{/}{/}
      Loop through vulnerabilities.
      Define a new custom tag called 'allVulns'
      Store the value of this which in this case is the vulnerability itself
    {#assetVulnerabilityMapping}
      Loop through Asset-to-Vulnerability mapping
    {asset}
      Print the name of the asset
    {#vulnerabilities}
      Loop through vulnerabilities linked to the Asset
      NOTE: This is different to {#vulnerabilities} referenced at line 1 above.
    {priority} - {status} - {vulnerability}
      Print the priority, remediation status & name of the vulnerability
    {#vulnerabilities | findVuln:’allVulns’:this.vulnerability:this.priority}
      Find the vulnerability (from list of all project vulnerabilities) where it matches the name/title & priority of the current vulnerability linked to the asset
    {description}
      Print the description of the vulnerability linked to the asset
    {attack_scenario}
      Print the attack scenario of the vulnerability linked to the asset
    {remediation_recommendation}
      Print the remediation recommendation of the vulnerability linked to the asset

Filter - Unique

You can use a 'unique' filter to check if a value has already been printed in the report, and if so, it will skip printing it again.
1
{#vulnerabilities}
2
{#priority == “Critical”}
3
{#affected_assets}
4
{#assetCustomTags}
5
{#Source == “Internal”}
6
{#title | unique:'InternalVulnsTable'}
7
{title}
8
{/}{/}{/}{/}{/}{/}
Copied!
    {#vulnerabilities}
      Loop through vulnerabilities.
    {#priority == “Critical”}
      Select vulnerabilities which have a priority of ‘Critical’.
    {#affected_assets}
      Loop through Affected Assets for each Critical vulnerability.
    {#assetCustomTags}
      Loop through Custom Tags for each Affected Asset for each Critical vulnerability.
    {#Source == “Internal”}
      Check to see whether a Custom Tag ‘Source’ exists, and if so check to see if it’s value is “Internal”.
    {#title | unique:'InternalVulnsTable'}
      This is a condition against the ‘title’ field for a vulnerability
      This condition will check to see whether the value is unique (i.e. it hasn’t already been used/printed). This is useful to prevent printing duplicate values when looping through affected assets, for example vulnerability title.
      This function works by taking 2 arguments – Key & Value. In the example above, Key = {title} e.g. Blind SQL Injection; and Value = ‘InternalVulnsTable’
      This function will check to see if the Key/Value pair has already been printed in the report, and if so, it will skip printing it again – for example to avoid duplicating printing of vulnerability title for each affected asset in a table containing list of Internal Vulnerabilities.
    {title}
      Print title of vulnerability.

Filter - Count

You can use a 'count' filter to set an arbitrary counter for a condition, then reference that counter later on.
1
{#vulnerabilities}
2
{#priority == “Critical”}
3
{#affected_assets}
4
{#assetCustomTags}
5
{#Source == “Internal”}
6
{#title | unique:'InternalVulnsTable' | count:'InternalVulnsTableCritical'}
7
{title}
8
{/}{/}{/}{/}{/}{/}
9
{#$countInternalVulnsTableCritical}
10
{$countInternalVulnsTableCritical}
11
{/}
Copied!
    {#vulnerabilities}
      Loop through vulnerabilities.
    {#priority == “Critical”}
      Select vulnerabilities which have a priority of ‘Critical’.
    {#affected_assets}
      Loop through Affected Assets for each Critical vulnerability.
    {#assetCustomTags}
      Loop through Custom Tags for each Affected Asset for each Critical vulnerability.
    {#Source == “Internal”}
      Check to see whether a Custom Tag ‘Source’ exists, and if so check to see if it’s value is “Internal”.
    {#title | unique:'InternalVulnsTable' | count:'InternalVulnsTableCritical'}
      We are chaining together the 'unique' filter with the 'count' filter against the ‘title’ field for a vulnerability
      For details on how the 'unique' filter works - see above.
      Count filter works by taking 2 arguments – Key & Value. In the example above, Key = {title} e.g. Blind SQL Injection; and Value = ‘InternalVulnsTableCritical’
      This function will count the number of times it is executed and store the result in a tag called $countVALUE where VALUE = ‘InternalVulnsTableCritical’
      Because we are chaining this filter with another filter - in this case the 'unique' filter - the unique filter condition must be met first before this function executes and counter is incremented.
      For example, if the dataset had 3 unique Critical vulnerabilities - $countInternalVulnsTableCritical will be equal to 3.
    {title}
      Print title of vulnerability.
    {#$countInternalVulnsTableCritical}
      Access the new dynamic tag '$countInternalVulnsTableCritical' created when we ran count:'InternalVulnsTableCritical'
    {$countInternalVulnsTableCritical}
      Print the value of the counter for 'InternalVulnsTableCritical'

Filter - Uppercase

You can convert a tag to uppercase using the following filter:
1
{#title | upper}
Copied!

Filter - Lowercase

You can convert a tag to lowercase using the following filter:
1
{#title | lower}
Copied!

Data Aggregation

If your data is the following:
1
{
2
"items": [
3
{
4
"name": "Acme Computer",
5
"price": 1000,
6
},
7
{
8
"name": "Mouse & Keyboard",
9
"price": 150,
10
}
11
],
12
}
Copied!
And you would like to show the total price, you can use:
1
{#items}
2
{name} for a price of {price} €
3
{/}
4
Total Price of your purchase : {items | sumby:'price'}€
Copied!

Data Formatting

This example is to format numbers in the format: “150.00” (2 digits of precision):
1
{
2
"items": [
3
{
4
"name": "Acme Computer",
5
"price": 1000,
6
},
7
{
8
"name": "Mouse & Keyboard",
9
"price": 150,
10
}
11
],
12
}
Copied!
And you would like to show the price with two digits of precision, you can write in your template :
1
{#items}
2
{name} for a price of {price | toFixed:2} €
3
{/}
Copied!

Assignments

It is possible to assign a value to a variable directly from your template. For example, in your template, write:
1
{full_name = first_name + last_name}
Copied!
The problem with this expression is that it will return the value of full_name. There are two ways to fix this issue, either if you still would like to keep this as the default behaviour, add ; ‘’ after your expression, for example
1
{full_name = first_name + last_name; ''}
Copied!
This will first execute the expression, and then execute the second statement which is an empty string, and return it.
An other approach is to automatically silence the return values of expression containing variable assignments.

Available Tags for Individual Reports

    {@pageBreak} - adds a page break.
    {#projectCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within ReportGen Reports
    {projectName} - name of the project
    {projectCode} - project code
    {timestamp} - timestamp for when JSON report was downloaded
    {#statusUpdates} - details for each project status update e.g. when project goes on-hold or off-hold
      {status} - e.g. 'On-Hold' or 'Off-Hold'
      {note} - reason why project was on-hold or off-hold
      {created} - timestamp when project went on-hold or off-hold
    {totalUniqueVulnerabilities} - total unique vulnerabilities on the project
    {totalCriticalVulnerabilities} - total unique critical vulnerabilities on the project
    {totalHighVulnerabilities} - total unique high vulnerabilities on the project
    {totalMediumVulnerabilities} - total unique medium vulnerabilities on the project
    {totalLowVulnerabilities} - total unique low vulnerabilities on the project
    {totalInfoVulnerabilities} - total unique informational vulnerabilities on the project
    {totalZeroDayVulnerabilities} - total unique zero-day vulnerabilities on the project
    {totalEasilyExploitableVulnerabilities} - total unique easily exploitable vulnerabilities on the project
    {totalTestcases} - total test cases assigned to the project
    {totalCompleted} - total completed test cases on the project
    {totalInProgress} - total in-progress test cases on the project
    {totalNotTested} - total not-tested test cases on the project
    {totalNotApplicable} - total not applicable test cases on the project
    {#execSummaryNotesHeading} - set a custom heading for the exec summary, auto disable if no exec summary on project
    {#execSummaryNotes} - executive summary notes on the project
      {execSummaryNotes} - exec summary notes
      {%inlineScreenshot} - display exec summary screenshots
    {startDate} - test window start date for the project
    {progress} - percentage of test cases actioned on the project
    {endDate} - test window start date for the project
    {projectDuration} - project duration in days i.e. difference between start & end dates
    {totalVulns} - total vulnerabilities across all assets on the project
    {totalCriticalVulnsAllAssets} - total critical vulnerabilities across all assets on the project
    {totalHighVulnsAllAssets} - total high vulnerabilities across all assets on the project
    {totalMediumVulnsAllAssets} - total medium vulnerabilities across all assets on the project
    {totalLowVulnsAllAssets} - total low vulnerabilities across all assets on the project
    {totalInfoVulnsAllAssets} - total informational vulnerabilities across all assets on the project
    {totalFixedVulns} - total fixed/closed vulnerabilities across all assets on the project
    {totalRetestingVulns} - total vulnerabilities flagged as retesting across all assets on the project
    {totalNotFixedVulns} - total not fixed/open vulnerabilities across all assets on the project
    {#assets} - list of all assets on the project
      {.} - name of each asset
    {#projectTeam} - list of all project team members
      {.} - name of each project team member
    {#retestingHistory} - list of all rounds of retesting requested & completed on the project
      {retesting_round} - e.g. 1, 2, 3, etc.
      {retesting_round_status} - whether the retest round was Requested or Completed
      {retesting_custom_round_name} - custom round name (optional)
      {retesting_custom_status_name} - custom status name (optional)
      {retesting_round_actioned_by} - name of person who requested or completed the round of retesting
      {created} - date when round of retest was requested or completed
      {#vulnerabilities} - list of all vulnerabilities requested / completed on the round of retesting
        {vulnerability} - name of the vulnerability
        {#vulnerability_details}
          {#vulnerabilityCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within ReportGen Reports
          {title} - title of the vulnerability
          {priority} - priority of the vulnerability e.g. Critical, High, Medium, Low, Info
          {remediation_status} - either Open or Closed. Only Closed if all affected assets are also Closed.
          {description} - description of the vulnerability
          {attack_scenario} - attack scenario for the vulnerability
          {remediation_recommendation} - remediation recommendation for the vulnerability
          {cvssv3_vector} - includes the CVSS v3.1 vector string e.g. /AV/...
          {cvssv3_base_score} - includes the CVSS v3.1 base score e.g. 10.0
          {cvssv3_temporal_score} - includes the CVSS v3.1 temporal score e.g. 10.0
          {cvssv3_environmental_score} - includes the CVSS v3.1 environmental score e.g. 10.0
          {testcases} - list of all the linked test cases to the vulnerability
          {#tags} - list of all tags
            {.} - tag
          {#affected_asset} - details for the affected asset - see {#assetVulnerabilityMapping} - {asset}
            {#assetCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within Individual Reports
            {asset} - asset name
            {remediation_status} - includes the remediation status of the vulnerability for the affected asset e.g. Open / Ready for Retest on <DATE> / Closed on <DATE>
            {#remediation_notes} - list of all remediation notes for this affected asset
              {created} - date stamp when remediation note was created
              {note} - remediation note details
            {#notes} - list of all notes for this affected asset
              {note} - note details
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept} - details for proof of concept / steps to reproduce
              {text} - proof of concept / steps to reproduce
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept_raw} - details for proof of concept / steps to reproduce in RAW HTML format (verbatim).
            {#assets_equally_affected_title} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the heading for this section e.g. LIST OF ASSETS EQUALLY AFFECTED
            {#assets_equally_affected} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the names of all the assets which have the same POC & Notes as the vulnerability above.
              {.} - asset name
          {#affected_assets} - list of all affected assets for this vulnerability
            {#assetCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within Individual Reports
            {asset} - asset name
            {remediation_status} - includes the remediation status of the vulnerability for the affected asset e.g. Open / Ready for Retest on <DATE> / Closed on <DATE>
            {#remediation_notes} - list of all remediation notes for this affected asset
              {created} - date stamp when remediation note was created
              {note} - remediation note details
            {#notes} - list of all notes for this affected asset
              {note} - note details
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept} - details for proof of concept / steps to reproduce
              {text} - proof of concept / steps to reproduce
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept_raw} - details for proof of concept / steps to reproduce in RAW HTML format (verbatim).
            {#assets_equally_affected_title} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the heading for this section e.g. LIST OF ASSETS EQUALLY AFFECTED
            {#assets_equally_affected} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the names of all the assets which have the same POC & Notes as the vulnerability above.
              {.} - asset name
          {#evidence} - list of all evidence files uploaded to the vulnerabilities for each affected asset. De-duplication is performed to remove images which have already been displayed in the in-line screenshots
            {%fileBase64} - display image (if evidence type is of image format)
            {fileName} - name of the file uploaded
            {caption} - caption for the file (optional)
      {#vulnerabilitiesNotTested} - list of all vulnerabilities not retested on the round of retesting
        {vulnerability} - name of the vulnerability
        {#vulnerability_details}
          {#vulnerabilityCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within ReportGen Reports
          {title} - title of the vulnerability
          {priority} - priority of the vulnerability e.g. Critical, High, Medium, Low, Info
          {remediation_status} - either Open or Closed. Only Closed if all affected assets are also Closed.
          {description} - description of the vulnerability
          {attack_scenario} - attack scenario for the vulnerability
          {remediation_recommendation} - remediation recommendation for the vulnerability
          {cvssv3_vector} - includes the CVSS v3.1 vector string e.g. /AV/...
          {cvssv3_base_score} - includes the CVSS v3.1 base score e.g. 10.0
          {cvssv3_temporal_score} - includes the CVSS v3.1 temporal score e.g. 10.0
          {cvssv3_environmental_score} - includes the CVSS v3.1 environmental score e.g. 10.0
          {testcases} - list of all the linked test cases to the vulnerability
          {#tags} - list of all tags
            {.} - tag
          {#affected_asset} - details for the affected asset - see {#assetVulnerabilityMapping} - {asset}
            {#assetCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within Individual Reports
            {asset} - asset name
            {remediation_status} - includes the remediation status of the vulnerability for the affected asset e.g. Open / Ready for Retest on <DATE> / Closed on <DATE>
            {#remediation_notes} - list of all remediation notes for this affected asset
              {created} - date stamp when remediation note was created
              {note} - remediation note details
            {#notes} - list of all notes for this affected asset
              {note} - note details
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept} - details for proof of concept / steps to reproduce
              {text} - proof of concept / steps to reproduce
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept_raw} - details for proof of concept / steps to reproduce in RAW HTML format (verbatim).
            {#assets_equally_affected_title} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the heading for this section e.g. LIST OF ASSETS EQUALLY AFFECTED
            {#assets_equally_affected} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the names of all the assets which have the same POC & Notes as the vulnerability above.
              {.} - asset name
          {#affected_assets} - list of all affected assets for this vulnerability
            {#assetCustomTags} - you can define & use custom tags/fields in ReportGen. For more details check out Creating Custom Fields within Individual Reports
            {asset} - asset name
            {remediation_status} - includes the remediation status of the vulnerability for the affected asset e.g. Open / Ready for Retest on <DATE> / Closed on <DATE>
            {#remediation_notes} - list of all remediation notes for this affected asset
              {created} - date stamp when remediation note was created
              {note} - remediation note details
            {#notes} - list of all notes for this affected asset
              {note} - note details
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept} - details for proof of concept / steps to reproduce
              {text} - proof of concept / steps to reproduce
              {%inlineScreenshot} - display inline images where they are included in the note
            {#proof_of_concept_raw} - details for proof of concept / steps to reproduce in RAW HTML format (verbatim).
            {#assets_equally_affected_title} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the heading for this section e.g. LIST OF ASSETS EQUALLY AFFECTED
            {#assets_equally_affected} - in order to cut-down report size, de-duplication is performed for each asset where #notes and #proof_of_concept are the same. This tag is used to display the names of all the assets which have the same POC & Notes as the vulnerability above.
              {.} - asset name
          {#evidence} - list of all evidence files uploaded to the vulnerabilities for each affected asset. De-duplication is performed to remove images which have already been displayed in the in-line screenshots
            {%fileBase64} - display image (if evidence type is of image format)
            {fileName} - name of the file uploaded
            {caption} - caption for the file (optional)
    {#projectNotes} - list of all exportable project notes
      {modified} - contains date when note was last created or last updated
      {note} - contains note
    {#criticalVulns} - list of all critical vulnerabilities & statistics for affected assets. You can also use {#highVulns}; {#mediumVulns}; {#lowVulns}; and {#infoVulns} to access details for vulnerabilities in each of the priority categories.
      {retest_status} - contains status whether vulnerability is Fixed or Not Fixed. A vulnerability is only considered Fixed if ALL affected assets are also fixed/closed.
      {