Skip to content

Configuration

It can be possible to customize reports and the application configuration in app/config/petereport_config.py

Application default credentials

PETEREPORT_CONFIG = {
    'admin_username': 'admin',
    'admin_password': 'P3t3r3p0rt',
    'admin_email': 'admin@petereport.pentest',
    'viewer_username': 'viewer',
    'viewer_password': 'v13w3r',
    'viewer_email': 'viewer@petereport.pentest'
}

Defect Dojo connector credentials

DEFECTDOJO_CONFIG = {
    'DefectDojoURL': 'https://demo.defectdojo.org',
    'apiKey': 'Token Key' # Format: Token <api_key>
}

Django configuration

DJANGO_CONFIG = {
    'secret_key': 'django-insecure-key-CHANGEMEPLEASE-pKj9bd9h7*RMCuU',
    'debug': False,
    'admin_module': False,
    'allowed_hosts': '[\'*\']',
    'server_host': 'http://127.0.0.1:8000',
    'upload_memory_size': 10485760 # 10MB
}

Templates configuration

PETEREPORT_TEMPLATES = {
    'templates_root': 'preport/templates/tpl',
    'storage_reports': 'storage_reports',
    'html_template': 'bootstrap-4-pandoc-template/template.html',
    'pdf_latex_template': 'petereport.latex',
    'report_id_format': 'PEN-DOC-',
    'report_csv_name': 'PEN-CSV',
    'report_markdown_name': 'PEN-MD',
    'report_html_name': 'PEN-HTML',
    'report_pdf_name': 'PEN-PDF',
    'report_pdf_language': "en",
    'report_pdf_title_background': "title.png", # title.png, blank.png - location: app/preport/templates/tpl/pdf/
    'report_pdf_pages_background': "title.png", # title.png, blank.png - location: app/preport/templates/tpl/pdf/
    'report_jupyter_name': 'PEN-JUPYTER',
    'initial_text': 'TBC',
    'titlepage-color': "e6e2e2",
    'titlepage-text-color': "000000",
    'titlepage-rule-color': "cc0000",
    'titlepage-rule-height': 2
}

Markdown configuration

Report information and media host configuration:

  • BASE64: Stores images in Database
  • MEDIA: Stores the images in the server (it is recommended to restrict the access to the server and encrypt the data to mitigate the leak or disclosure of the evidences). The path is not protected. This is highly insecure and not encouraged for production use. Should be configured the web server (apache, nginx, etc) to serve the media content using a protected link.
PETEREPORT_MARKDOWN = {
    'author': 'Pentest company',
    'subject': 'Pentest Report',
    'website': 'https://github.com/1modm/petereport',
    'martor_upload_method': 'BASE64' # BASE64 (stored in DB) or MEDIA (path not protected)
    'media_host': 'http://127.0.0.1:8000'
}