diff --git a/xml/dtd/common.xsd b/xml/dtd/common.xsd index e485ab9..b390c4a 100644 --- a/xml/dtd/common.xsd +++ b/xml/dtd/common.xsd @@ -105,6 +105,29 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/xml/dtd/offerte.xsd b/xml/dtd/offerte.xsd index 7f1344c..7a9872b 100644 --- a/xml/dtd/offerte.xsd +++ b/xml/dtd/offerte.xsd @@ -39,29 +39,6 @@ - - - - - - - - - - - - - - - - - - - - - - - diff --git a/xml/dtd/pentestreport.xsd b/xml/dtd/pentestreport.xsd index 3586da2..95d970c 100644 --- a/xml/dtd/pentestreport.xsd +++ b/xml/dtd/pentestreport.xsd @@ -33,9 +33,9 @@ - + diff --git a/xml/source/offerte.xml b/xml/source/offerte.xml new file mode 100644 index 0000000..f6346f5 --- /dev/null +++ b/xml/source/offerte.xml @@ -0,0 +1,54 @@ + + + + penetration retesting services + + retest + + + target1.sittingduck.com + target2.sittingduck.com + FishInABarral App + + + + + + 2 + + TBD + + TBD + + ??? + black-box + + 2000 + + + + + ROS Writer + + Initial draft + + + + + + + + + + + + + + + + diff --git a/xml/source/snippets/localisationstrings.xml b/xml/source/snippets/localisationstrings.xml index a526eae..b4bcef4 100644 --- a/xml/source/snippets/localisationstrings.xml +++ b/xml/source/snippets/localisationstrings.xml @@ -9,7 +9,7 @@ OFFERTE - OFFER + QUOTE penetratietestdiensten @@ -19,6 +19,14 @@ penetratietest penetration test + + penetratietestdiensten + penetration retesting services + + + hertest + retest + basis-securityscandiensten basic security scan services diff --git a/xml/source/snippets/offerte/en/introandscope_retest.xml b/xml/source/snippets/offerte/en/introandscope_retest.xml new file mode 100644 index 0000000..67e76ea --- /dev/null +++ b/xml/source/snippets/offerte/en/introandscope_retest.xml @@ -0,0 +1,10 @@ +
+ Introduction +

(hereafter “”), with its registered office + at , , , has requested + (hereafter “”) to perform . + Motivation for this request is that recently had penetration test done by and wishes to test if the vulnerabilities have been mitigated.

+ +

This offer sets out the scope of the work and the terms and conditions under +which will perform these services.

+
\ No newline at end of file diff --git a/xml/source/snippets/offerte/en/projectoverview_retest.xml b/xml/source/snippets/offerte/en/projectoverview_retest.xml new file mode 100644 index 0000000..949c6ad --- /dev/null +++ b/xml/source/snippets/offerte/en/projectoverview_retest.xml @@ -0,0 +1,27 @@ + +
+ Project Overview +

will perform + for as a follow-up on the previous test in XXXXXXXXXX TODO XXXXXXXXXX (timeframe of previous pentest). The services are intended to see if the previously discovered exploits are patched correctly. To do so, will access the systems again and test the findings from the previous penetration test (the “Targets”).

+ + +

will test using both publicly available vulnerability scanning tools and manual testing. shall perform a -day, follow-up penetration test via the internet.

+ + + + + + + + + +
\ No newline at end of file diff --git a/xml/source/snippets/snippetselection.xml b/xml/source/snippets/snippetselection.xml index 266dc44..02dd305 100644 --- a/xml/source/snippets/snippetselection.xml +++ b/xml/source/snippets/snippetselection.xml @@ -24,6 +24,22 @@ waiver + + + + introandscope_retest + projectoverview_retest + prerequisites + disclaimer + methodology + teamandreporting + planningandpayment + aboutus + conditions + generaltermsandconditions + waiver + + diff --git a/xml/xslt/meta.xslt b/xml/xslt/meta.xslt index 52ad321..897b0ed 100644 --- a/xml/xslt/meta.xslt +++ b/xml/xslt/meta.xslt @@ -25,7 +25,7 @@ for - + diff --git a/xml/xslt/off2rep.xsl b/xml/xslt/off2rep.xsl index 4413d33..33a1eb7 100644 --- a/xml/xslt/off2rep.xsl +++ b/xml/xslt/off2rep.xsl @@ -13,9 +13,6 @@ xmlns:xi="http://www.w3.org/2001/XInclude" xml:lang="en" findingCode="???"> Penetration Test Report - - client_info.xml - one target element per target @@ -24,6 +21,26 @@ + + + + + + + + + + + + client_info.xml + + + + + + + + FirstName LastName diff --git a/xml/xslt/placeholders.xslt b/xml/xslt/placeholders.xslt index 970e3c3..08e27c1 100644 --- a/xml/xslt/placeholders.xslt +++ b/xml/xslt/placeholders.xslt @@ -36,25 +36,25 @@ + select="/*/meta//client/legal_rep"/> - + - + - + diff --git a/xml/xslt/rep2off.xsl b/xml/xslt/rep2off.xsl new file mode 100644 index 0000000..c2e774d --- /dev/null +++ b/xml/xslt/rep2off.xsl @@ -0,0 +1,143 @@ + + + + + + + + + + + + + + + + + + + + + + + + + document meta information; to be filled in by the offerte writer + + + + + + + if there is a shorter way of saying the same thing, you can type it here (it makes for more dynamic offerte text). If not, just repeat the long name. + + + + + + + snippets/company_info.xml + + + + one target element per target + + + + + + + + + + client_info.xml + + + + + + + + + + 2 + duration of pentest, in working days + + + + TBD + + + date or date range in text, e.g. May 18th until May 25th, 2015 + + + + TBD + + + date or date range in text, e.g. May 18th until May 25th, 2015 + + + + ??? + + + + + + ???-box + + + please choose one of the following: black-box, grey-box, crystal-box + ??? + (eur|usd|gbp) + + + + + + + + needed for date on frontpage and in signature boxes; it is possible to add a new <version> after each review; in that case, make sure to update the date/time + + T10:00:00 + actual date-time here; you can leave the number attribute alone + ROS Writer + name of the author here; for internal use only + Initial draft + for internal use only + + + + + + + + + + + + + + + + + + + + + + +