Domain specific (Web, Mobile, IoT, …) or custom test catalogs define the scope of the test and guide the tester. Create your own catalogs based on existing ones or from scratch.
Very similar findings again and again? Use predefined text blocks for finding, exploit and mitigation. Submit your own finding texts to an ever growing knowledge base. Selection is guided by a rating system.
Quality assurance through support of review process, including versioning. Integrated diff technique to simply identify reviewers suggestions.
Completeness checks based on catalog. Identify open TODOs. Generate positive findings automatically.
CVSS Calculator included. Or use other rating scheme if preferred.
Leverage the benefits of structured results
Imagine the security testing report came as structured data instead of the PDF you currently get – how much easier it would be to analyse it, feed it to other systems, generate statistics, distribute the right subset of findings to the various teams involved …
That is exactly the notion we built Limeviper on.
Pentesting reporting made easy
The tester is guided through the security test by policy related test catalogs (also working as checklists), e. g. based on OWASP testing guide.
No need to constantly re-invent the wheel – they can base their report on comprehensive text repositories for vulnerabilities, measures and controls.
Our report life cycle including revision and versioning, automated quality checks and elaborate access control make Limeviper enterprise ready.
Data for your enterprise
The final report data with all findings and recommended measures, management summary, metadata etc. can be distributed any way you like.
With the structured data at hand, you can feed it to any of your systems, such as ticket systems or GRC tools.
We also provide a simple tool for viewing, annotating and exporting the data („Limeviper Reader“).
And if you still require your plain old PDF (or XLSX), we‘ll provide that as well.
Built on thousands
of security tests
We built Limeviper to make our security testers happier. Let‘s be frank, who loves to write reports in a Word processor, fiddle with layout, tap into team knowledge by wading through older documents (if accessible anyway).
For years, we‘ve been using it for ourselves, and run thousands of security tests with its help.
Now, we make it available for you.
Built for security testers by security testers.