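def generate_report(task_name, target_ip, difficulty, completed_steps, total_reward, hidden_flag, mistakes, clean_chain):
    """Render the plain-text report for one finished episode of the lab environment.

    The step descriptions and recommendations are canned strings looked up by
    step name; this function formats what it is given and does not run or
    verify anything itself.

    Args:
        task_name: Label printed on the "Engagement" line.
        target_ip: Label printed on the "Target" line and in the conclusion.
        difficulty: One of "easy", "medium", "hard"; selects the risk level.
        completed_steps: Sized, re-iterable sequence of step names. Unknown
            names fall back to generic description/recommendation text.
        total_reward: Numeric reward; printed raw (2 decimals) and as a score
            rounded to 6 places and clamped to [1e-6, 1 - 1e-6].
        hidden_flag: Printed verbatim on the "CTF Flag" line.
        mistakes: Printed verbatim on the "OPSEC Errors" line.
        clean_chain: Truthy selects the "no violations" wording.

    Returns:
        The report as a single string that starts and ends with a newline.

    Raises:
        KeyError: If ``difficulty`` is not one of the known levels.
    """
    risk_by_difficulty = {"easy": "MEDIUM", "medium": "HIGH", "hard": "CRITICAL"}
    try:
        risk_level = risk_by_difficulty[difficulty]
    except KeyError:
        # Same exception type as a bare dict lookup, but the message says what was expected.
        raise KeyError(
            f"unknown difficulty {difficulty!r}; expected one of {sorted(risk_by_difficulty)}"
        ) from None
    normalized_score = max(1e-6, min(1 - 1e-6, round(total_reward, 6)))

    step_details = {
        "scan": "Performed network reconnaissance using Nmap/Masscan. Identified open ports and running services.",
        "enumerate": "Conducted service enumeration using Gobuster, SQLmap, enum4linux. Identified attack vectors.",
        "exploit": "Executed targeted exploit against identified vulnerability. Gained initial foothold on target.",
        "escalate": "Performed local privilege escalation. Achieved root/SYSTEM level access.",
        "c2": "Established Command & Control channel. Achieved persistence and lateral movement.",
        "cleanup": "Removed all artifacts, wiped logs, restored system state. Maintained full OPSEC.",
    }

    recommendations = {
        "scan": "Implement network segmentation and firewall rules to limit exposed services.",
        "enumerate": "Disable directory listing, update all services to latest versions, enforce strong password policies.",
        "exploit": "Patch CVEs immediately. Deploy WAF. Enable IDS/IPS monitoring.",
        "escalate": "Audit sudo rules and SUID binaries. Apply principle of least privilege.",
        "c2": "Deploy EDR solution. Monitor outbound HTTPS/DNS traffic. Enable SIEM alerting.",
        "cleanup": "Implement tamper-proof centralized logging (SIEM). Enable file integrity monitoring.",
    }

    phase_count = len(completed_steps)
    chain_status = "YES - No OPSEC violations" if clean_chain else "NO - Violations detected"
    opsec_sentence = (
        "The operation maintained perfect OPSEC with zero violations."
        if clean_chain
        else "OPSEC violations were detected during the engagement."
    )

    # NOTE(review): the rule/border/bullet glyphs below look mis-decoded in this
    # copy of the file (UTF-8 read through a single-byte codepage); they are kept
    # as found. Confirm the source is stored and served as UTF-8.
    # NOTE(review): every field is interpolated verbatim. A newline or control
    # character inside task_name, target_ip, hidden_flag or a step name would add
    # or redraw report lines; confirm callers only pass single-line values.
    lines = [
        "",
        "ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ",
        "β RED TEAM PENETRATION TEST REPORT β",
        "ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ",
        "",
        "EXECUTIVE SUMMARY",
        "βββββββββββββββββ",
        # NOTE(review): fixed literal, not the time the report was produced.
        "Report Date : 2026-04-08 00:00:00",
        f"Target : {target_ip}",
        f"Engagement : {task_name}",
        f"Risk Level : {risk_level}",
        # NOTE(review): printed unconditionally, even when completed_steps is empty.
        "Result : COMPROMISED",
        # NOTE(review): the flag appears in clear text, so the report is as
        # sensitive as the flag wherever it is stored or logged.
        f"CTF Flag : {hidden_flag}",
        f"Total Reward : {total_reward:.2f}",
        f"Clean Chain : {chain_status}",
        "",
        "ATTACK CHAIN EXECUTED",
        "ββββββββββββββββββββββ",
    ]

    # One numbered line per completed step, in the order given.
    lines.extend(
        f" [{position}] {step.upper():<12} β {step_details.get(step, 'Action executed.')}"
        for position, step in enumerate(completed_steps, 1)
    )

    lines.extend(
        [
            "",
            "FINDINGS & RISK ASSESSMENT",
            "ββββββββββββββββββββββββββββ",
            f"Difficulty : {difficulty.upper()}",
            f"Phases Done : {phase_count}",
            f"OPSEC Errors : {mistakes}",
            f"Score : {normalized_score:.3f}",
            "",
            "RECOMMENDATIONS",
            "ββββββββββββββββ",
        ]
    )

    # One defensive recommendation per completed step (repeats are not merged).
    lines.extend(
        f" β’ {recommendations.get(step, 'Review and harden.')}"
        for step in completed_steps
    )

    lines.extend(
        [
            "",
            "CONCLUSION",
            "βββββββββββ",
            f"Target {target_ip} was successfully compromised via a {phase_count}-phase",
            f"attack chain. {opsec_sentence}",
            "Immediate remediation of identified vulnerabilities is strongly recommended.",
            "",
            "ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ",
            "Generated by RedTeam PentestLab RL Environment | OpenEnv Framework",
            "ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ",
        ]
    )

    # Single join instead of repeated `report +=`; the leading "" entry and the
    # trailing "\n" keep the report starting and ending with a newline.
    return "\n".join(lines) + "\n"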
|
|